An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Terry Zink (Microsoft)
In 2012, the world of email filtering created a new tool to combat spam and phishing: DMARC - a technology that is designed to prevent spammers from forging the sender. DMARC has its upsides, but it also has some drawbacks. In his VB2014 paper, Terry…
Read morePatrick Wardle (Synack)
iWorm is a recently discovered OS X backdoor that affords an attacker complete control of an infected host. In this paper, Patrick Wardle builds upon the latest analyses, and provides a comprehensive technical analysis of iWorm's infection vector and…
Read moreAlexandru Maximciuc (Bitdefender)
Cristina Vatamanu (Bitdefender)
Razvan Benchea (Bitdefender)
Since hiding a C&C means that a botnet will remain running for longer, specialized hosting services that are able to hide a server behind many proxies have appeared. In their VB2014 paper, Alexandru Maximciuc, Cristina Vatamanu and Razvan Benchea…
Read morePatrick Wardle (Synack)
As Mac OS X continues to increase in popularity, OS X malware is becoming more common than ever. In his VB2014 paper, Patrick Wardle presents a detailed analysis of Apple’s anti-malware mechanisms (revealing several significant weaknesses), before…
Read moreLuis Corrons (Panda Security)
One of the main ways for cybercriminals to make money easily with the use of malware is through SMS premium services – using trojans to turn mobile devices into slot machines and causing victims' monthly phone bills to skyrocket. In his VB2014 paper,…
Read moreJean-Ian Boutin (ESET)
In his VB2014 conference paper, Jean-Ian Boutin looks at the current webinject scene and how it has evolved over time, going from simple phishing-like functionalities to automatic transfer system (ATS) and two-factor authentication bypass, along with…
Read moreNick Sullivan (CloudFlare)
In his VB2014 conference paper, Nick Sullivan explains what DNSSEC does and doesn't do to make DNS responses more trustworthy.
Read moreRaul Alvarez takes a close look at cavity file infector W32/Huhk, which - thanks to its infection criteria - only infects a handful of executable files, thus unintentionally creating a stealth technique.
Read moreCitadel is a sophisticated descendent of the Zeus botnet. In this two-part article, Aditya Sood and Rohit Bansal provide insight into the bot's design components, including its system infection and data exfiltration tactics. In this, the second part…
Read moreCitadel is a sophisticated descendent of the Zeus botnet. In this two-part article, Aditya Sood and Rohit Bansal provide insight into the bot's design components, including its system infection and data exfiltration tactics.
Read more