Bulletin

An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.

Greetz from academe: No place to Hyde

In the latest of his ‘Greetz from Academe’ series, highlighting some of the work going on in academic circles, John Aycock looks at a paper that describes how malicious apps can be slipped past Apple’s app review process.

Read more  

More fast or more dirty?

It is not uncommon, nowadays, for businesses to outsource their marketing to third parties - but sometimes, such business links lead to malicious activities. Ke Zhang dissects a piece of malware that generates referrer spam for a ‘web search site’…

Read more  

The shape of things to come

Momentous changes are in the pipeline for VB – with an exciting future ahead. Helen Martin announces the changes that are in store for the publication and the company.

Read more  

Black market haul

Security firm finds millions of stolen credentials and email addresses on the black market.

Read more  

Not Expir-ed yet

Expiro is a file infector that resurfaces from time to time, demonstrating more skills on each new appearance – infecting a service that gives a unique vantage point on traditional malicious activities; running the malware at computer restart without…

Read more  

Greetz from academe: Censored

John Aycock highlights an ACSAC paper that looks at the issue of detecting web content modifications.

Read more  

ProxyCB, a spam proxy under the radar

Kyle Yang (Fortinet)

ProxyCB is a trojan that acts as a proxy server to send spam via the HTTP, HTTPS or SMTP protocol. Wei Wang and Kyle Yang take a detailed look at its installation process, how it bypasses UAC, and the final payload loading process, before dissecting…

Read more  

BYOT: Bring Your Own Target

Gabor Szappanos (Sophos)

The author of Simbot doesn’t take anything for granted: all the necessary components for the malware’s execution are bundled and dropped onto the system, including the relevant vulnerable application for exploitation and regular Windows system…

Read more  

Solarbot botnet

Solarbot, a.k.a. Dapato or Napolar, is a traditional botnet that has been around for a while. It is used for spreading other malware and often comes with built-in DDoS and proxy modules. He Xu takes a closer look.

Read more  

A short visit with a virus

Last month, Peter Ferrie described a Windows virus that turns Java class files into droppers for the virus, and concluded that it would be a simple matter to reverse that: for a virus writer to create a Java class file that turns Windows files into…

Read more  

Search the Bulletin


Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.