VB Blog

VB2016 preview: Debugging and Monitoring Malware Network Activities with Haka

Posted by   Martijn Grooten on   Sep 12, 2016

In a VB2016 paper, Stormshield researchers Benoit Ancel and Mehdi Talbi will present a paper on Haka, a tool that can be used to monitor and debug malware's network communications.

Read more  

Paper: Behavioural Detection and Prevention of Malware on OS X

Posted by   Martijn Grooten on   Sep 12, 2016

In a new paper published through Virus Bulletin, Vincent Van Mieghem presents a novel method for detecting malware on Mac OS X, based on the system calls used by malicious software.

Read more  

VB2016 preview: Smart Outlets. Why We Need Responsible Disclosure!

Posted by   Martijn Grooten on   Sep 9, 2016

At VB2016, four researcher from Bitdefender will present a paper in which they look at vulnerabilities in four "smart" power outlets.

Read more  

VB2016 preview: Uncovering the Secrets of Malvertising

Posted by   Martijn Grooten on   Sep 7, 2016

Malvertising, in which legitimate ad networks are abused to silently infect users with malware, has become a real plague in recent years. A VB2016 paper by Malwarebytes researchers Jérôme Segura and Chris Boyd will look at the issue.

Read more  

VB2016: Important Information About the Hotel

Posted by   Martijn Grooten on   Sep 6, 2016

Many people have already registered for VB2016 and the conference hotel is rapidly filling up - registration for the event will remain open right up until the start of the conference, but here, we provide some advice about booking accommodation.

Read more  

VB2016 preview: Detecting Man-in-the-Middle Attacks With Canary Requests

Posted by   Martijn Grooten on   Sep 6, 2016

At VB2016, Cylance researcher Brian Wallace will reveal a multi-platform tool that runs on the endpoint and uses various techniques to detect ongoing man-in-the-middle attacks.

Read more  

A look at the VB2016 sponsors

Posted by   Martijn Grooten on   Sep 5, 2016

More than a dozen companies and organizations are lending their support to VB2016 as conference sponsors and supporting organizations.

Read more  

Guest blog: Nemucod ransomware analysis

Posted by   Virus Bulletin on   Sep 2, 2016

In a guest blog, Webroot researcher Jesse Lopez looks at another variant in the massive crop of malware that takes users’ files hostage: Nemucod ransomware.

Read more  

VB2016 preview: Mobile Applications: a Backdoor into Internet of Things?

Posted by   Martijn Grooten on   Sep 1, 2016

At VB2016 in Denver, Fortinet researcher Axelle Apvrille will discuss how analysing a device's complementary mobile app can help a great deal in understanding the architecture of a smart device.

Read more  

VB2016 preview: Wild Android Collusions

Posted by   Martijn Grooten on   Aug 31, 2016

Full technical details of the first in-the-wild Android app 'collusion' attack, where multiple apps perform an attack in collaboration, will be shared with the public in at VB2016 in Denver on 5 October.

Read more  
Previous1...4142434445...215Next

Search blog

VB2016 paper: Wild Android collusions

At VB2016 in Denver, Jorge Blasco presented a paper (co-written with Thomas M. Chen, Igor Muttik and Markus Roggenbach), in which he discussed the concept of app collusion - where two (or more) apps installed on the same device work together to collect an…
Playing out in the sidelines of the Cambridge Analytica scandal was the discovery that Facebook had been collecting metadata on the calls and SMS conversations of many of the… https://www.virusbulletin.com/blog/2018/03/vb2016-paper-wild-android-collusions/

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.
Yesterday, a 'mysterious event' involving BGP, the Internet's border gateway protocol, led to the traffic to many popular websites being routed for around six minutes. BGP… https://www.virusbulletin.com/blog/2017/12/throwback-thursday-bgp-route-hijacking-rpki-how-vulnerable-internet/

Throwback Thursday: Anti-malware testing undercover

We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.
The testing of security products has been a hotly debated topic in the industry for at least the past two decades. It was, for instance, the topic of a popular VB2017 paper by… https://www.virusbulletin.com/blog/2017/11/throwback-thursdayanti-malware-testing-undercover/

Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.
Over the coming weeks and months, we plan to use the Throwback Thursday slot to look back at and publish some great VB conference presentations from our archives. We start… https://www.virusbulletin.com/blog/2017/11/vb2017-video-beginning-endpoint-where-we-are-now-and-where-well-be-five-years/

VB2017 preview: Android reverse engineering tools: not the usual suspects

We preview the VB2017 paper by Fortinet researcher Axelle Apvrille, in which she looks at some less obvious tools for reverse engineering Android malware.
Six years ago (coincidentally the last time the VB conference was held in Spain) saw the first VB conference paper presented on Android malware, which at that time was still an… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-android-reverse-engineering-tools-not-usual-suspects/

Throwback Thursday: Ten memorable Virus Bulletin conference presentations - part 2

In the second part of this two-part blog series, we look at five more memorable Virus Bulletin conference presentations.
With an excellent conference programme featuring some of the top experts in the IT security industry and covering some of the most important topics, we have much to look forward… https://www.virusbulletin.com/blog/2017/08/throwback-thursday-ten-memorable-virus-bulletin-conference-presentations-part-2/

VB2016 paper: BlackEnergy – what we really know about the notorious cyber attacks

According to some researchers, there is some evidence linking the recent (Not)Petya attacks with the BlackEnergy group - which became infamous for its targeted attacks against the Ukraine. At VB2016, ESET researchers Anton Cherepanov and Robert Lipovsky s…
In a blog post published on Friday, ESET researcher Anton Cherepanov provides evidence linking last week's (Not)Petya attacks to the BlackEnergy group; Kaspersky researchers also… https://www.virusbulletin.com/blog/2017/07/vb2016-paper-blackenergy-what-we-really-know-about-notorious-cyber-attacks/

VB2016 paper: Steam stealers: it's all fun and games until someone's account gets hijacked

Last year, Kaspersky Lab researcher Santiago Pontiroli and PwC's Bart Parys presented a VB2016 paper analysing the malicious threats faced by users of the Steam online gaming platform, and highlighting how organized criminals are making money with these p…
The online games market is huge, and the Steam platform is a huge player in that market. Users registered on the Steam platform use their credit cards to buy content, and… https://www.virusbulletin.com/blog/2017/06/vb2016-paper-steam-stealers-its-all-fun-and-games-until-someones-account-gets-hijacked/

VB2016 paper: Diving into Pinkslipbot's latest campaign

Qakbot or Qbot, is a banking trojan that makes the news every once in a while and was the subject of a VB2016 paper by Intel Security researchers Sanchit Karve, Guilherme Venere and Mark Olea. In it, they provided a detailed analysis of the Pinkslipbot/Qa…
Pinkslipbot, also known as Qakbot or Qbot, is a banking trojan that makes the news every once in a while, yet never seems to get the attention of the world's Zbots and Dridexes. I… https://www.virusbulletin.com/blog/2017/06/vb2016-paper-diving-pinkslipbots-latest-campaign/

VB2016 video: Last-minute paper: Malicious proxy auto-configs: an easy way to harvest banking credentials

In a VB2016 last-minute presentation, Jaromír Horejší and Jan Širmer looked at Retefe, a trojan that has targeted banks in several European countries and used malicious proxy auto-config filesto redirect users' traffic to a server controlled by the attack…
"Much media attention is given to imminent and visible threats, like ransomware. Other threats remain under the radar and often go unnoticed." This part of Jaromír Horejší and Jan… https://www.virusbulletin.com/blog/2017/may/vb2016-video-last-minute-paper-malicious-proxy-auto-configs-easy-way-harvest-banking-credentials/

VB2016 paper: Uncovering the secrets of malvertising

Malicious advertising, a.k.a. malvertising, has evolved tremendously over the past few years to take a central place in some of today’s largest web-based attacks. It is by far the tool of choice for attackers to reach the masses but also to target them wi…
In his VB2014 paper, Bromium researcher Vadim Kotov sketched the possibilities for malicious actors to use web ads to spread exploit kits. Unsurprisingly, malicious actors also… https://www.virusbulletin.com/blog/2017/may/vb2016-paper-uncovering-secrets-malvertising/

VB2016 paper: Building a local passiveDNS capability for malware incident response

At VB2016, Splunk researchers Kathy Wang and Steve Brant presented a Splunk app that can be used to locally collect passive DNS data. A recording of their presentation is now available to view on our YouTube channel.
Anyone who has ever investigated a malware or phishing attack will know the feeling: "if only I could find out what IP address this domain pointed to when the attack took place".… https://www.virusbulletin.com/blog/2017/may/vb2016-paper-building-local-passivedns-capabilityfor-malware-incident-response/

VB2016 video: Last-minute paper: A malicious OS X cocktail served from a tainted bottle

In a VB2016 last-minute presentation, ESET researchers Peter Kalnai and Martin Jirkal looked at the OS X malware threats KeRanger and Keydnap, that both spread through a compromised BitTorrent client. A recording of their presentation is now available to …
Though nowhere near as exotic as it was a few years ago, malware for OS X continues to attract researchers' attention. This was certainly the case for the KeyRanger ransomware and… https://www.virusbulletin.com/blog/2017/04/vb2016-video-last-minute-paper-malicious-os-x-cocktail-served-tainted-bottle/

VB2016 paper: Debugging and monitoring malware network activities with Haka

In their VB2016 paper, Stormshield researchers Benoît Ancel and Mehdi Talbi introduced Haka, an open-source language to monitor, debug and control malicious network traffic. Both their paper and the video recording of their presentation are now available …
Anyone who has ever analysed malware through its network communications will knows that this often involves ad-hoc scripts in languages like Python or Perl to decode the traffic.… https://www.virusbulletin.com/blog/2017/04/vb2016-paper-debugging-and-monitoring-malware-network-activities-haka/

VB2016 paper: One-Click Fileless Infection

Symantec researchers Himanshu Anand and Chastine Menrige explain how a single click can lead to a compromised machine, without malware ever being stored on disk.
Over the last few years, we have seen a sharp increase in 'fileless' infections, where a machine is compromised without a malicious file ever being written to disk. Though not… https://www.virusbulletin.com/blog/2017/03/vb2016-paper-one-click-fileless-infection/

VB2016 paper: APT reports and OPSEC evolution, or: these are not the APT reports you are looking for

APT reports are great for gaining an understanding of how advanced attack groups operate - however, they can also provide free QA for the threat actors. Today, we publish a VB2016 paper by Gadi Evron (Cymmetria) and Inbar Raz (Perimeter X), who discuss wh…
Ever since Mandiant released its APT1 report four years ago, reports on advanced attack groups have been an important fixture in the security industry. These reports are great for… https://www.virusbulletin.com/blog/2017/02/vb2016-paper-apt-reports-and-opsec-evolution-or-these-are-not-apt-reports-you-are-looking/

VB2016 video: Getting duped: piggybacking on webcam streams for surreptitious recordings

In a presentation at VB2016, Patrick Wardle, Director of Research at Synack, discussed the possibilities of Mac malware recording the user via the webcam. Today, we publish the video of Patrick's presentation.
If you are going to be at RSA in San Francisco next week, we highly recommend you attend Patrick Wardle's talk on OS X malware in 2016 – not just because it is important for Mac… https://www.virusbulletin.com/blog/2017/02/vb2016-video-last-minute-paper-getting-duped-piggybacking-webcam-streams-surreptitious-recordings/

VB2016 video: Nymaim: the Untold Story

Until very recently, the Nymaim banking trojan was a serious problem in Poland. Today, we publish the video of the VB2016 presentation by CERT Polska researchers Jarosław Jedynak and Maciej Kotowicz, in which they analyse this malware-dropper-turned-banki…
Every year, the Virus Bulletin conference programme includes a number of 'last-minute' papers: presentations on topics that are so hot, they are added to the programme only a few… https://www.virusbulletin.com/blog/2017/02/vb2016-video-nymaim-untold-story/

VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

At VB2016, Peter Kruse gave a presentation detailing the Neverquest trojan, the alleged author of which was arrested in Spain earlier this month. Today, we publish the recording of Peter's presentation.
Earlier this month, Spanish police officers arrested a Russian national on suspicion of creating the Neverquest banking trojan. Neverquest, also known as Vawtrak, is one of the… https://www.virusbulletin.com/blog/2017/01/vb2016-video-neverquest-crime-service-and-hunt-big-bucks/

VB2016 paper: Great crypto failures

Crypto is hard, and malware authors often make mistakes. At VB2016, Check Point researchers Yaniv Balmas and Ben Herzog discussed the whys and hows of some of the crypto blunders made by malware authors. Today, we publish their paper and the recording of …
"More malware is using cryptography, and more malware is using better cryptography," said Check Point researcher Yaniv Balmas on stage during VB2016. While the increased use of… https://www.virusbulletin.com/blog/2017/01/vb2016-paper-great-crypto-failures/

« Previous 123 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.