An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Despite the Windows versions of Zeus and SpyEye now sharing source code, Zitmo and Spitmo - the mobile components of each - have nothing in common at the code level. Spitmo was created from scratch solely for the purpose of stealing mTANs. Mikko…
Read more‘Only 3% of the webmasters responded... Tanase had rediscovered the Bontchev constant.’ Gabor Szappanos, VirusBuster
Read moreBotnets such as Zeus, SpyEye and others use the effective technique of form grabbing to steal sensitive information from victims’ machines. Aditya Sood and his colleagues take a detailed look at the form-grabbing technique.
Read moreThere has already been extensive research into the plethora of tricks used by contemporary malware and executable protectors with the purpose of breaking debuggers and emulators. Unfortunately malware authors are aware of such research efforts and…
Read moreThe generic retro-malware features of ZeroAccess, combined with its advanced rootkit features, makes it one of the most difficult rootkits to deal with, while newer variants of the malware also support 64-bit Windows systems. Peter Ször and Rachit…
Read more‘Because every product has strengths and weaknesses, having a variety of different tests is essential.’ Lysa Myers, West Coast Labs
Read moreIt is uncommon these days to find malware whose sole purpose is to cause damage, but W32.VRBAT does just that (and only that) - using ATA disk security to render hard disks useless. Jorge Lodos and his colleagues have the details.
Read moreThe BIOS rootkit is the most complex type of rootkit researchers have come across so far. It is hardware dependent, and an attacker must have extensive knowledge of the computer – including software and hardware – in order to create one. Until now…
Read moreStudy finds that 99.8% of malware infections caused by commercial exploit kits could be avoided if just six software packages are kept up to date.
Read moreIBM reports decrease in vulnerability disclosures and drop in web application vulnerabilities, but flaws affecting mobile devices are on the rise.
Read more