An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Shinho Lee (ESTsecurity)
Wookhyun Jung (ESTsecurity)
Sangwon Kim (ESTsecurity)
Jihyun Lee (ESTsecurity)
Jun-Seob Kim (ESTsecurity)
This paper proposes the use of the ‘Dalvik EXecutable Opcode Fuzzy’ (‘Dexofuzzy’) hash to find similar malware variants without the need for an analyst to have systematic or mathematical knowledge.
Ivan Kwiatkowski (Kaspersky)
Several professionals defend the notion that technology and ethics have nothing to do with each other. This paper presents various schools of thought pertaining to the philosophy of justice, and explores how they could help us solve some of the…
Yonathan Klijnsma (RiskIQ)
Magecart is an umbrella term given to at least 12 cybercrime groups that are placing digital credit card skimmers on compromised e-commerce sites at an unprecedented rate and with frightening success. This paper presents a timeline of the Magecart…
Luca Nagy (Sophos)
Since its appearance more than five years ago, the Emotet trojan has been – and remains – the most notorious and costly active malware. This paper discusses the reverse engineering of its components, as well as the capabilities and features of…
Gabriela Nicolao (Deloitte)
Luciano Martins (Deloitte)
Ryuk is a ransomware family that, unlike regular ransomware, is tied to targeted campaigns where extortion may occur days or weeks after an initial infection. Ryuk was first observed in August 2018 and remains active as of July 2019. This paper…
Sebastian García (Stratosphere Laboratory and Czech Technical University in Prague)
Maria Jose Erquiaga (Stratosphere Laboratory and UNCUYO University)
Anna Shirokova (Avast Software)
Maintaining good operational security (OpSec) is difficult because it increases the cost of work and decreases the speed of actions. This is true both for security analysts and for attackers. This VB2019 paper describes a botnet, known as Geost,…
Reason Labs
VB2019 Platinum partner Reason Cybersecurity presents a threat analysis report on the Save Yourself malware.
Peter Kálnai (ESET)
Michal Poslušný (ESET)
The number of incidents attributed to the Lazarus Group, a.k.a. Hidden Cobra, has grown rapidly since its estimated establishment in 2009. In this paper, ESET researchers Peter Kalnai and Michal Poslusny look at various cells within the group, that…
Andrew Brandt (Sophos)
As the world grapples with massive disinformation campaigns waged by the intelligence agencies of hostile nations, we should not forget that such activities are not limited to the purview of the Bears or Pandas of the world, and that even relatively…
Nikolaos Tsapakis (independent researcher)
Nikolaos Tsapakis explores Network Time Protocol (NTP) as an alternative communication channel, providing practical examples, code, and the basic theory behind the idea.