An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Evgeny Sidorov (Yandex)
Konstantin Otrashkevich (Yandex)
At VB2013 Evgeny Sidorov spoke about three modern approaches used by attackers to embed malicious code into HTTP responses. One such approach was the use of web-server modules for malware distribution. Here, Evgeny and his colleagues describe…
Read moreNeo Tan (Fortinet)
Medfos is a heavily obfuscated trojan family which downloads modules capable of redirecting search engine results in the most popular browsers. Benjamin Chang and Neo Tan dissect the way the Medfos downloader deploys its downloaded modules, and the…
Read moreRichard Ford (Florida Institute of Technology)
A brand new instruction set coming to Intel’s processors in the near future has tremendous potential implications both for malware authors and for defenders. Shaun Davenport and Richard Ford describe the SGX technology and how people might use it.
Read moreSality has been around for many years, yet it is still one of today’s most prevalent pieces of malware. In this two-part article, Raul Alvarez takes a close look at a variant of Sality that not only infects executables but also has some trojan-like…
Read moreNeo Tan (Fortinet)
Appendix to Medfos - an all-purpose redirectot
Read moreRound-up of some of the security industry's predictions for the year ahead.
Read moreThe untimely death of security researcher Péter Ször sent shockwaves across anti-malware community last month. Some of those who knew him best pay tribute to a brilliant mind and a true gentleman.
Read moreEddy Willems presents a round up of the 22nd EICAR Conference, held in Hannover last month.
Read moreViruses for Java are relatively rare, and parasitic viruses for Java are even rarer. The Java/Handjar virus infects Java applications by placing its virus code inside a JAR file and including a reference to the virus class file. Peter Ferrie has the…
Read moreThe Android/FakeKakao trojan monitors incoming and outgoing SMS messages, sends SMS spam and gathers sensitive information as well as incorporating anti-debugging and anti-emulator tricks and disabling some security software. Zhe Li and Dong Xie take…
Read more