An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
A cross-infector of unrelated platforms is typically implemented as two viruses stuck together, because that’s the easiest way to do it - but if the general mechanics of file enumeration and infection are the same across the affected platforms, then…
Read moreThanks to its widespread use in legitimate applications, Java has seen a lot of use in malware and exploit kits recently, with one of the most common exploit techniques being to disable the Java security manager. Abhishek Singh and Shray Kapoor…
Read moreSKAgent, a simple, unencrypted, unsophisticated piece of malware, sends spam messages via Skype. Raul Alvarez describes the simple copy-and-paste technique it uses to do so.
Read more‘Capturing the imagination of end‑users when it comes to security education is one of the greatest hurdles.' Helen Martin, Virus Bulletin
Read moreThere is often a disconnect between academic security research and anti-malware industry research – in both directions. Dr John Aycock, Associate Professor at the Department of Computer Science, University of Calgary, embarks on a new regular feature…
Read moreResearchers show malware on a mobile device can be triggered by music.
Read moreStrong encryption and sophisticated algorithms are not necessarily what make a piece of malware persistent. Rather, it is the use of a cocktail of techniques that ensures the longevity of malware in the wild. Raul Alvarez looks at some of the…
Read moreMetamorphism seems to be the holy grail for virus writers in general. The assumption is that it is more difficult for an anti-virus engine to detect a metamorphic virus than it is to detect a ‘lesser’ virus. As a result, there have been attempts to…
Read moreRuhai Zhang takes a look at the cat-and-mouse game of exploit samples, focusing on the widely used CVE-2012-0158 vulnerability.
Read more