An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Aleksander Czarnowski describes some of the main differences between the PE and PE+ file formats from the perspective of the binary unpacking process.
Code virtualization is a popular technique for making malware difficult to reverse engineer and analyse. W32/Noteven uses the technique, but has such a buggy interpreter that it's a wonder the code works at all. Peter Ferrie has the details.
‘It seems logical that, in the future, security must move closer to the information.’ Greg Day, Symantec.
Although the PDF language was not designed to allow arbitrary code execution, implementation and design flaws in popular reader applications make it possible for criminals to infect machines via PDF documents. Didier Stevens explains how this is…
Aditya Sood and Richard Enbody discuss some of the different techniques that are used by present-day malware to circumvent protection mechanisms.
Neo Tan (Fortinet)
The Andromeda botnet recruits its bots thanks to four key elements - compromised websites, an exploit kit, a downloader and a mailing engine - linked by four sequential phases. Neo Tan takes a closer look.
Recent years have been marked by an explosive growth of social networks, with Facebook becoming one of the most attractive channels for cybercriminal activity. Alin Damian analyses some of the malicious domains extracted from Facebook applications…
Some virus writers try to find obscure side effects of instructions in an attempt to confuse virus analysts. Sometimes they succeed, and sometimes we already know about the side effects. The latter is the case with the technique used in the…
With content-based anti-spam technologies decreasing in efficiency, Marius Tibeica and Adrian Toma propose a fingerprinting algorithm that maps similar text inputs to similar signatures.