An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.

VB2015 paper: Labeless - No More

Alexander Chailytko (Check Point Software Technologies)
Aliaksandr Trafimchuk (Check Point Software Technologies)

Consider the following situation: at the beginning of our research we have an empty IDA database and binary code without labels and comments in Olly. After some dynamic analysis we will name a few functions. If, for some reason, an analysis is…

Spreading techniques used by malware

Abhishek Singh (Acalvio)

The impact of a malware infection can be increased by applying ‘lateral movement’: spreading the infection from the original infected device to other devices within the same network. This paper shares the technical details of some of the most common…

Throwback Thursday: Adjust Your Attitude!

James Wolfe (Lockheed Martin Corporation)

"Most of you reading this article have the technical skill but do you have the people skills?" In 2000, James Wolfe urged security experts to sell themselves and their services.

VB2016 paper: Defeating sandbox evasion: how to increase the successful emulation rate in your virtual environment

Aliaksandr Chailytko (Check Point)
Stanislav Skuratovich (Check Point Software Technologies)

This VB2016 paper focuses on the techniques used by malware to detect virtual environments, and provides detailed technical descriptions of what can be done to defeat them.

VB2016 paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks

Juan Andrés Guerrero-Saade (Kaspersky Lab)
Brian Bartholomew (Kaspersky Lab)

This VB2016 paper takes a comprehensive look at the current state of attribution in targeted attack research and at deliberate attempts by the adversary to obstruct this process. The paper includes common bases for attribution, practical and…

VB2016 paper: Mind this gap: criminal hacking and the global cybersecurity skills shortage, a critical analysis

Stephen Cobb (ESET)

This VB2016 paper addresses a number of increasingly urgent questions about the defence of information systems against criminal hackers, the first of which is: can the world produce enough appropriately skilled human defenders of digital systems to…

Throwback Thursday: The Politics of Anti-Virus

David Ensign (ACS Government Solutions Group)

In 1999, David Ensign described a typical day in the life of the Affiliated Computer Services Government Solutions Group, the group responsible for providing full service computer support to US Federal government agencies across the United States.

VB2016 paper: Modern attacks against Russian financial institutions

Anton Cherepanov (ESET)
Jean-Ian Boutin (ESET)

Over the past few years we have seen the rise of organized, specialized cybercriminal groups directly targeting financial institutions instead of their customers. This trend has been seen in several countries, but banks in Russia seem to be targeted…

VB2016 paper: BlackEnergy – what we really know about the notorious cyber attacks

Robert Lipovsky (ESET)
Anton Cherepanov (ESET)

In the past two years, BlackEnergy has become one of the top malware families of interest to system administrators with the responsibility of protecting the networks of potential targets, to security researchers who have the family in their sights,…

VB2016 paper: Mobile applications: a backdoor into the Internet of Things?

Axelle Apvrille (Fortinet)

While the Internet of Things blossoms with newly connected objects every day, the security and privacy of these objects is often of a lesser priority due to market pressure. To assess their effective security status – and improve it – researchers…
