Posted by Martijn Grooten on Jun 13, 2018
Google has made a subtle change to its Chrome browser, banning the inline installation of new extensions, thus making it harder for malware authors to trick users into unwittingly installing malicious extensions.
Posted by Martijn Grooten on Jun 11, 2018
We publish a paper by researchers from Quick Heal Security Labs in India, who study the EternalBlue and DoublePulsar exploits in full detail.
Posted by Virus Bulletin on Jun 1, 2018
Several VB2018 papers deal explicitly or implicitly with threats that have been attributed to North Korean actors.
Posted by Martijn Grooten on May 31, 2018
The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it effectively listing every single IP address.
Posted by Martijn Grooten on May 30, 2018
Researchers at IBM X-Force have discovered MnuBot, a banking trojan targeting users in Brazil, which is noteworthy for using SQL Server for command and control communication.
Posted by Martijn Grooten on May 24, 2018
The 68-byte EICAR test file plays as important a role today as it did 19 years ago. In this week's Throwback Thursday we look back at a VB99 conference paper in which Randy Abrams described how this 'miracle tool' worked and how it could be used.
Posted by Martijn Grooten on May 23, 2018
A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.
Posted by Martijn Grooten on May 22, 2018
CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.
Posted by Martijn Grooten on May 15, 2018
Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.
Posted by Martijn Grooten on May 9, 2018
The Hide'n'Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.