VB2014 paper: Quantifying maliciousness in Alexa top-ranked domains

Posted by   Virus Bulletin on   Jun 26, 2015

Paul Royal looks at malware served through the most popular websites.

Though VB2014 took place nine months ago, most of the papers presented during the conference remain very relevant. Paul Royal's paper 'Quantifying maliciousness in Alexa top-ranked domains' is no exception.

Large websites serving malware through direct compromises or through compromises of the ad networks they use (that being the subject of another VB2014 presentation) continue to make the news. Moreover, those serving the malware, typically through exploit kits, work hard to make sure that it isn't picked up by automated scans. For that reason alone, Paul's presentation is worth watching.

We have uploaded Paul's presentation to our YouTube channel. We also published the paper he wrote, which you can read here in HTML format or download here as a PDF.

If you like presentations like Paul's, why not register for VB2015? A 10% Early Bird discount applies until 30 June.



Posted on 26 June 2015 by Martijn Grooten
twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

NCSC gives important advice on lateral movement

The UK's National Cyber Security Centre (NCSC) has provided helpful and practical advice on preventing and detecting lateral movement by an attacker within a network.

What kind of people attend Virus Bulletin conferences?

If you are considering submitting a proposal for a talk to VB2018 and you're not familiar with the event, you may find it useful to know what kind of people attend the conference.

Olympic Games target of malware, again

An unattributed malware attack has disrupted some computer systems of the 2018 Winter Olympics. In 1994, a computer virus also targeted the Winter Olympics.

There are lessons to be learned from government websites serving cryptocurrency miners

Thousands of websites, including many sites of government organisations in the UK, the US and Sweden, were recently found to have been serving a cryptocurrency miner. More interesting than the incident itself, though, are the lessons that can be…

We need to continue the debate on the ethics and perils of publishing security research

An article by security researcher Collin Anderson reopens the debate on whether publishing threat analyses is always in the public interest.