An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
The 010 Editor is a powerful tool for analysing files. The editor can also alter files, and it supports a scripting language to automate certain tasks. Who would have guessed that one of those tasks would be to infect files? Peter Ferrie describes…
Read moreThousands of unsuspecting chat users clicked on a malicious link a few months ago. A spam message contained a link that led to a worm being downloaded, which, in turn, downloaded a component that sent more copies of the spam message. Variously dubbed…
Read moreDavid Jacoby (Kaspersky Lab)
‘The people behind these scams are making significant amounts of money, and they are infecting users all over the world.’ David Jacoby, Kaspersky Lab
Read moreLoucif Kharouni (Trend Micro)
Recently, there has been a change in the toolkit/exploit kit landscape, with bad guys dedicating more time and resources to securing their creations and the servers on which their software will be installed. Loucif Kharouni explains why we need to…
Read moreSebastian Eschweiler describes a static unpacker for the 'XPACK' packer - outlining each step of the unpacking process and looking at how weaknesses in vital steps can efficiently be exploited to produce a generic unpacker.
Read moreGabor Szappanos (Sophos)
Gabor Szappanos started with two fairly incomplete sources of information about the latest Blackhole server version: the server-side source code from old versions and the outgoing flow of malware. He describes how, using these sources, he was able to…
Read moreThe Floxif DLL file infector implements both anti‑static- and anti-dynamic-analysis techniques. Raul Alvarez describes how.
Read moreSirefef is a fast-paced malware family. It frequently changes its obfuscated packer layer in order to avoid detection by AV scanners and to impede reverse engineering. Tim Liu present the technical processes he and his team followed during analysis…
Read moreRecently, the Pony trojan (a.k.a. FareIt) has been observed installing a new Zeus sample on users’ machines. Jie Zhang takes a look at the new packer tricks that are used by this latest Zeus sample.
Read more‘The BYOD concept needs a maturity model to ensure there is a clear path to increased organizational security’ Jeff Debrosse, Western Governors University
Read more