Bulletin

An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.

VB2014 paper: Can we trust a trustee? An in-depth look into the digitally signed malware industry

Adrian Stefan Popescu (Bitdefender)
Gheorghe Jescu (Bitdefender)

An increasing number of developers are using certificates issued by Certificate Authorities (CAs) to create a more trustworthy environment for users. Although certificates should be used by legitimate developers only, we are seeing an increasing…

Read more  

VB2014 paper: How they’re getting the data out of your network: a survey of methods used for exfiltration of sensitive data, recommendations for detection and protection

Eric Koeppen (IBM)

Exfiltration of data has been a feature of many attacks, where confidential customer information has been leaked to malicious actors - such infections can have disastrous effects on a company’s brand, customer loyalty, and competitive advantage. In…

Read more  

VB2014 paper: Protecting financial institutions from man-in-the-browser attacks

Xinran Wang (Shape Security)
Yao Zhao (Shape Security)

It is reported that more than 1,400 financial institutions have been targeted by attackers using banking trojans, and the top 15 targeted financial institutions were attacked by more than 50 per cent of the trojans in 2013. One major tactic of…

Read more  

VB2014 paper: Tech Support Scams 2.0: An inside look into the evolution of the classic Microsoft tech support scam

Jérôme Segura (Malwarebytes)

Tech support scams have been around for a long time, and despite all the attention they have received, they are only getting worse. Scammers are diversifying - no longer just using the Microsoft cold-calling technique but now also using deceptive ads…

Read more  

VB2015 paper: WaveAtlas: Surfing Through the Landscape of Current Malware Packers

Fanny Lalonde Lévesque (École Polytechnique de Montréal)
Erwann Traourouder (École Polytechnique de Montréal)
François Menet (École Polytechnique de Montréal)
Jean-Yves Marion (Université de Lorraine)

Obfuscation techniques have become increasingly prevalent in malware programs as tools to thwart reverse engineering efforts and evade signature-based detection by security products. Among the most popular methods is the use of packers, which are…

Read more  

VB2015 paper: The Unbearable Lightness of APTing

Yaniv Balmas (Check Point Software Technologies)
Shahar Tal (Check Point Software Technologies)
Ron Davidson (Check Point Software Technologies)

APT campaigns are typically described with awe surrounding the technical achievements enabled by the level of resources and capacity conceivably available only to nation-state governments and intelligence agencies, often dubbed APT groups. These…

Read more  

VB2015 paper: Android Ransomware: Turning CryptoLocker into Crypto Unlocker

Alexander Adamov (NioGuard Security Lab)

These days, we see an increasing number of new pieces of ransomware for Android devices. They adopt new social engineering, communication and encryption techniques such as the use of Tor and advanced encryption algorithms (RSA-1024 and even elliptic…

Read more  

Throwback Thursday: A View from the Lab (October 1997)

In mid-1997, new viruses and variants were appearing at over 250 per month, and according to Peter Morley, "Any organization which cannot process 300 viruses per month in times of stress, has no chance of keeping in the game." He split anti-virus…

Read more  

Optimizing ssDeep for use at scale

Being able to find files that are similar to a particular file is quite useful, although it can be difficult to handle at scale. It can often require an infeasible number of comparisons, which need to take place outside of a database. In an attempt…

Read more  

Throwback Thursday: Legal attempts to reduce spam. A UK perspective (November 2003)

In November 2003, Martin Lee summarized from a UK perspective the various legislative attempts to ban the abuse of email by law.

Read more  

Search the Bulletin


Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.