An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Both Android and Java malware, delivered via ZIP-based packages, have reached high volumes in the wild, and continue to grow at a rapid rate. In his VB2014 paper, Gregory Panakkal explores the ZIP file format, focusing specifically on APK files as…
Dénes Óvári describes a PoC file that demonstrates a new way to store data in PDF files.
Neo Tan (Fortinet)
Micky Pun (Fortinet)
Caphaw, also known as Shylock, has been a quiet, yet persistent player on the botnet scene since 2011. It stands in great contrast to most botnet malware in that it was released with complete functionality rather than being released into the wild…
Fabio Assolini (Kaspersky Lab)
Brazilian bad guys have created a unique way of stealing money from people who prefer to keep their lives entirely offline. By altering ‘boletos’ - popular payment documents issued by banks and all kinds of businesses in Brazil - cybercriminals have…
Yanxin Zhang (Palo Alto Networks)
From distributing malware to hosting command and control servers and traffic distribution, malicious domains are essential to the success of nearly all popular attack vectors. Much effort has been put into building reputation-based malicious domain…
Dhia Mahjoub (OpenDNS)
Thibault Reuille (OpenDNS)
Thibault Reuille, Dhia Mahjoub and Ping Yan use particle physics to show clusters of malicious domains.
Banking trojan Vawtrak wraps itself in layers, each of which gives rise to the next until a simple binary executable is exposed. Raul Alvarez likens Vawtrak to a nesting doll and in this article he unpacks the doll, looking at each layer in turn.
Vicente Diaz (Kaspersky Lab)
Dani Creus (Kaspersky Lab)
It is not unheard of for researchers to be threatened by criminal gangs, or approached by intelligence services. On other occasions researchers have found themselves under surveillance or their devices have been compromised when on the road. What…
James Wyke (Sophos)
In his VB2014 paper, James Wyke explores the different strategies malicious samples employ when a sandbox has been detected. He looks at examples of decoy behaviour that range from dummy files being dropped to the use of fixed path names, bogus DNS…
Compared to Android, iOS and Blackberry, Tizen (an open-source platform designed for multiple computing platforms such as smartphones, in-vehicle infotainment (IVI), smart TV, wearable devices, consumer electronics, etc.) offers several different…