An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
In the first and second parts of his series on the Necurs rootkit, Peter Ferrie looked at what it does to hook the system. In part 3, he takes a look at what those hooks actually do.
With a modular architecture and sophisticated functionality, Sinowal is a multi-component banking trojan targeted at various web browsers which threatens users of online banking systems around the globe. Chao Chen delves into the inner workings of…
Wapomi is a virus with trojan-like behaviour. It was originally detected as long as a couple of years ago, yet it is still very active in the wild. Raul Alvarez takes a look at some of the malware’s functionalities in an attempt to shed light on its…
‘We hope soon to be able to provide a better reflection of the growing diversity of the security solution market.’ John Hawes
As indicated by the considerable payouts we see being made for valid security vulnerabilities, finding valuable 0-days is not an easy task. Fuzzing – the most common approach to bug hunting – is technologically and scientifically well developed and…
In the last of his ‘Greetz from academe’ series, highlighting some of the work going on in academic circles, John Aycock looks at change in the form of Android update flaws, as well as spare change under the guise of academic funding.
In the first part of his series on the Necurs rootkit, Peter Ferrie looked at what it does during start-up and when it is not loaded as a boot-time driver. This time, he looks at what Necurs does when it is loaded as a boot-time driver.
Neurevt first appeared over a year ago – its many components cover a large number of the most popular malicious functionalities, including downloading malware, DDoS attacks and website sniffing. He Xu discusses the major changes that have been…
Elevation of privilege (EoP) vulnerabilities can allow a program to run arbitrary code, regardless of that program’s current permission level – as a result, they draw a lot of attention from malware authors. Wayne Low describes two of the EoP…