Bulletin

An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.

Cridex botnet preview

Neo Tan (Fortinet)

Carmen Liang and Neo Tan focus on a detailed analysis of the Cridex banking trojan's injection routine, communication protocol, encryption scheme and working mechanism in order to shed light on the development path of the three most recent…

Read more  

‘Lahf’ing all the way

W32/Frilly decodes itself using a subtle side effect of multiple instructions – the state of the CPU flags. Peter Ferrie has all the details.

Read more  

Pinterest scams – under the hood

Having enjoyed exponential growth over the last year, social media site Pinterest has also become a popular target amongst scammers for making money quickly and easily through various scams. Hardik Shah describes some of them.

Read more  

URLZone reloaded: new evolution

Neo Tan (Fortinet)

MIB banking trojan URLZone dates back to 2009, and unlike other botnets it still uses a centralized communication system. Although less flexible than other P2P botnets, its refined method of injection, old-fashioned centralized topology and a…

Read more  

Threat prevalence: your breach will have to wait

‘The vendor has no choice but to prioritize resources towards ... keep[ing] up with existing malware families.' Chad Loeven, Silicium Security.

Read more  

A global treaty on online threats (or the challenges of (inter)national cooperation)

Wout de Natris looks at the state of international cooperation on cybercrime and considers the need for a global treaty on online threats.

Read more  

Rise in targeted attacks

Security firm reports an almost 400% increase in targeted attacks against companies in the last year.

Read more  

UK regulator fines Russian Android malware firm

Russian company fined by UK regulator for distributing apps containing premium rate dialler.

Read more  

Unpacking x64 PE+ binaries part 2: using WinDbg

In the first part of this tutorial series Aleksander Czarnowski described some fundamental differences between the 32- and 64-bit Windows PE+ file format and looked at using the Bochs IDA plug-in to find the original entry point of a file. In part…

Read more  

Garbage collection

As a form of anti-debugging/anti-emulation, some malicious programs insert garbage code within their instructions. Raul Alvarez looks at the use of garbage code and unsupported or rarely used APIs by recent malware.

Read more  

Search the Bulletin


Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.