An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Ahmed Zaki (Sophos)
Benjamin Humphrey (Sophos)
The very nature of rootkits makes them hard to classify (and in some cases even detect) using automated malware analysis techniques. Kernel memory modifications can indicate that samples are trying to conceal information or hijack execution paths,…
Chun Feng (Microsoft)
Elia Florio (Microsoft)
Thanks to the ubiquity of Adobe Flash Player, Adobe Flash Player vulnerabilities have become a major target for attackers who want to deliver attacks from web pages. In 2014, some new exploits appeared, targeting two vulnerabilities (CVE-2013-5330…
The current upward trend in smart appliance adoption might resemble similar historic trends seen with PCs and smartphones. At this early stage of the adoption process, we might think that the smart devices in our home are safe, but what do we really…
Martijn Grooten (Virus Bulletin)
The biggest and broadest ranging Virus Bulletin conference ever was a great success. Martijn Grooten describes the highlights of the event.
Andrei Husanu (Bitdefender)
Alexandru Trifan (Bitdefender)
In their VB2014 paper, Andrei Husanu and Alexandru Trifan propose ways of fingerprinting the behaviour of various email-sending software by analysing sending behaviour at the SMTP and TCP/IP protocol levels in order to identify email messages…
Dhia Mahjoub (OpenDNS)
The total IPv4 space consists of 4 billion addresses, the public ASN visible space consists of 46,000+ AS numbers, and the BGP prefix space consists of 520,000+ prefixes. Together, they form the foundation of addressing, routing and hosting on the…
Rahul Kashyap (Bromium)
Vadim Kotov (Bromium)
In their VB2014 paper, Vadim Kotov and Rahul Kashyap perform an in-depth analysis of malicious web ads, with the focus on Flash banners. They investigate various possibilities for an attacker to leverage ad networks to spread malware and showcase the…
Tao Wei (FireEye)
Min Zheng (FireEye)
Hui Xue (FireEye)
Dawn Song (FireEye)
Apple has a strict review process for apps published in its App Store - which, although not perfect, provides good protection for iOS users and makes it difficult for malware to exist in the App Store. However, apps may also be distributed using…
Eugene Rodionov (ESET)
David Harley (ESET)
Bootkit threats have always been a powerful weapon in the hands of cybercriminals, allowing them to establish persistent and stealthy presence in their victims' systems. The most recent notable spike in bootkit infections was associated with attacks…
Santiago Pontiroli (Kaspersky Lab)
From the rise and demise of Silk Road to the current state of the crypto-currency frenzy, the story of bitcoin involves mysterious characters, million-dollar robberies and stealthy malware that will make you think twice before going online with your…