An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
The first week of October saw the 23rd anniversary of German reunification and the 23rd Virus Bulletin International Conference – in Berlin. Helen Martin reports on the latter.
Read moreZAccess (a.k.a. ZeroAccess) is a complex botnet with many different variants and updates to the malware having been observed over several years. In June He Xu and colleagues found and analysed some variants which integrated a debugger engine. He…
Read moreMartijn Grooten (Virus Bulletin)
‘If anyone were to invent SMTP today and decide it was a good idea for messages to be sent in plain text, they would receive short shrift.’ Martijn Grooten considers the current state of email in light of recent security-related incidents.
Read moreAccording to the Online Trust Alliance, almost 10 billion ad impressions were compromised by malvertising in 2012 and malvertising incidents increased by more than 250% from Q1 2010 to Q2 2010. In this article, Bianca Stanescu and colleagues look at…
Read morePeter Ferrie revisits W32/Lerock and its so-called ‘virtual code’ - which, despite some updates and tweaks still lends itself to simple detection by anti virus software.
Read moreWe have seen hundreds, if not thousands, of variations of Zeus in the wild. The main goal of the malware does not vary, yet different functionalities have been added over time. Raul Alvarez takes a detailed look at some of those functionalities and…
Read moreLysa Myers (ESET)
It has often been said that the reason the general public does not take IT security seriously is that there has not been a sufficiently serious IT security disaster to make them take notice. But have leaks about the NSA given us the ‘cyber-Chernobyl’…
Read moreJohn Aycock considers Internet censuses and a tool that can scan almost the entire IPv4 address space in search of the answer to a given census question in less than 45 minutes.
Read moreRunning an iframe injector on a compromised virtual hosting server can easily result in the infection of hundreds of web servers in just a few seconds. Aditya Sood and colleagues look at the design of a basic injector: NiFramer.
Read moreUK banks' cyber defences put to the test in large-scale simulated attack.
Read more