VB Blog

VB2018 preview: Cyber Threat Alliance

Posted by Martijn Grooten on Sep 25, 2018

In today's blog post we look at a report on illicit cryptocurrency mining by the Cyber Threat Alliance and also look forward to the VB2018 talk by the CTA's CEO Michael Daniel.

Posted by Martijn Grooten on Sep 21, 2018

In recent years, car hacking has evolved from a mostly theoretical research field involving giggling researchers and scared journalists, to one that actually concerns car owners and manufacturers. On today's blog we preview two VB2018 papers, by Inbar Raz and Spencer Hsieh, that look at the subject of hacking cars.

Posted by Virus Bulletin on Sep 20, 2018

In a guest blog post by VB2018 gold partner Kaspersky Lab, Costin Raiu, Director of the company's Global Research and Analysis Team, looks critically at the 'A' in APT.

Posted by Martijn Grooten on Sep 19, 2018

Today, we preview three VB2018 presentations that look at threats against civil society in general and the use of commercial spyware by governments for this purpose in particular.

Posted by Martijn Grooten on Sep 18, 2018

Today we preview the VB2018 paper by Saher Naumaan (BAE Systems Applied Intelligence) on the use of wipers in APT attacks.

Posted by Martijn Grooten on Sep 17, 2018

The VB2018 programme is packed with a wide range of security topics featuring speakers from all around the world. Today we preview two of them: one by Qihoo 360 researchers on tracking variants of Mirai and one by researchers from Bitdefender on the peer-to-peer Hide'n'Seek botnet.

Posted by Martijn Grooten on Sep 10, 2018

We are excited to announce the final additions to the VB2018 programme in the form of 10 'last-minute' papers covering up-to-the-minute research and hot topics and two more invited talks.

Posted by Martijn Grooten on Sep 7, 2018

At VB2018, AhnLab researcher Minseok Cha will look at activities of the Lazarus Group on the Korean peninsula going back as early as April 2011.

Posted by Virus Bulletin on Sep 6, 2018

Paul Baccas reviews Bruce Schneier's latest thought-provoking book, 'Click Here to Kill Everybody'.

Posted by Martijn Grooten on Sep 3, 2018

A brief analysis by Recorded Future suggests that the volume of spam and new domain registrations hasn't increased since the GDPR came into effect.

Previous1...1718192021...215Next

Search blog

Stalkerware poses particular challenges to anti-virus products

Malware used in domestic abuse situations is a growing threat, and the standard way for anti-virus products to handle such malware may not be good enough. But that doesn't mean there isn't an important role for anti-virus to play.
Did you know that October has been Cyber Security Awareness Month? Of course you did ─ it has been pretty hard to avoid it. But did you know that it has also, at least in the… https://www.virusbulletin.com/blog/2019/10/stalkerware-poses-particular-challenges-anti-virus-products/

Healthcare CERTs highlight the need for security guidance for specific sectors

A new computer emergency response team has been launched in the Netherlands to provide guidance specifically tailored to the healthcare sector. Martijn Grooten welcomes the development.
In February 2016, a US hospital saw a heart operation interrupted by the rebooting of a monitoring PC, caused by anti-virus software running on the machine. The report filed makes… https://www.virusbulletin.com/blog/2018/01/healthcare-certs-show-need-security-guidance-specific-sectors/

Meltdown and Spectre attacks mitigated by operating system updates

Just four days into the new year, two serious attacks in modern processors, dubbed Meltdown and Spectre, have been discovered. The attacks can be mitigated by patches to the operating system, but anti-virus software vendors need to make sure their product…
We wish all our readers a very happy and very secure 2018! The latter part will not come without some serious work though. We are not even four days into the new year and we… https://www.virusbulletin.com/blog/2018/01/meltdown-and-spectre-attacks-mitigated-operating-system-updates/

Conference review: AVAR 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.
The first week of December was packed with security conferences, and VB2017 speakers were busy presenting their research at no fewer than four different events: FIRST in Prague,… https://www.virusbulletin.com/blog/2017/12/conference-review-avar-2017/

Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.
Over the coming weeks and months, we plan to use the Throwback Thursday slot to look back at and publish some great VB conference presentations from our archives. We start… https://www.virusbulletin.com/blog/2017/11/vb2017-video-beginning-endpoint-where-we-are-now-and-where-well-be-five-years/

Standalone product test: FireEye Endpoint

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.
FireEye is well known within the security community, both for its advanced protection products and for its regular research reports. Recently, the company launched a new version… https://www.virusbulletin.com/blog/2017/11/standaline-test-fireeye-endpoint/

VB2017 preview: Stuck between a ROC and a hard place

We preview the VB2017 paper by Microsoft's Holly Stewart and Joe Blackbird, which uses data about users switching anti-virus provider to decide whether machine-learning models should favour avoiding false positives over false negatives.
Authors of security software in general, and anti-virus software in particular, have always needed to find the right balance between a high detection rate and a low false positive… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-stuck-between-roc-and-hard-place/

Modern security software is not necessarily powerless against threats like WannaCry

The WannaCry ransomware has affected many organisations around the world, making it probably the worst and most damaging of its kind. But modern security is not necessarily powerless against such threats.
We have become used to the idea of cybersecurity stories sometimes making the mainstream news, but the UK's newspapers across the spectrum, from broadsheets to tabloids, all… https://www.virusbulletin.com/blog/2017/may/modern-security-software-not-powerless-against-threats-wannacry/

The Living Dead Anti-Virus

Should users uninstall their anti-virus products, as was recently suggested by a security expert in a widely shared article? In a guest post, security consultant Hendrik Pilz explains why he doesn't think this is a good idea.
A former director of testing at AV-TEST and a one-time VB conference speaker, security consultant Hendrik Pilz is passionate about the quality of security products. In a guest… https://www.virusbulletin.com/blog/2017/01/living-dead-anti-virus/

Researchers seek ransomware samples for their generic solution

VB2015 presentation to include demonstration of technique against recent samples.
VB2015 presentation to include demonstration of technique against recent samples. 'The scary hack that's on the rise' is how Wired's Kim Zetter described ransomware in an overview… https://www.virusbulletin.com/blog/2015/09/researchers-seek-ransomware-samples-their-generic-solution/

Paper: Hype heuristics, signatures and the death of AV (again)

David Harley responds to anti-malware's many criticasters.
David Harley responds to anti-malware's many criticasters. Anti-virus is dead. After all, in the current threat landscape, who would use a system that relies on signatures of… https://www.virusbulletin.com/blog/2015/08/paper-hype-heuristics-signatures-and-death-av-again/

NSA, GCHQ found to target anti-virus products

Agencies looked for vulnerabilities to exploit and for submitted malware samples.
Agencies looked for vulnerabilities to exploit and for submitted malware samples. New documents from NSA whistle-blower Edward Snowden have revealed the agency and its British… https://www.virusbulletin.com/blog/2015/06/nsa-gchq-found-target-anti-virus-products/

VirusTotal project aims to remediate false positives

Security vendors to receive alerts when legitimate files are detected as malicious.
Security vendors to receive alerts when legitimate files are detected as malicious.False positives are a huge problem for the IT industry in general and for security products in… https://www.virusbulletin.com/blog/2015/02/virustotal-project-aims-remediate-false-positives/

Low VirusTotal detection rates for new malware, do they matter?

It is not as important as is often suggested — and doesn't mean the malware is allowed to execute.
It is not as important as is often suggested — and doesn't mean the malware is allowed to execute. It is fairly common these days for security researchers to write about new… https://www.virusbulletin.com/blog/2015/02/low-virustotal-detection-rates-new-malware-do-they-matter/

Report: VB100 comparative review on Windows 8.1

40 out of 48 tested products earn VB100 award.
40 out of 48 tested products earn VB100 award. If you follow the security news, you may believe that all you have to worry about are nation states using zero-day vulnerabilities to… https://www.virusbulletin.com/blog/2014/11/report-comparative-review-windows-8-1/

The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned

Malicious apps may have more privileges than security software.
Malicious apps may have more privileges than security software. There are many people without whom a Virus Bulletin conference wouldn't be possible: the VB team, the crew from Cue… https://www.virusbulletin.com/blog/2014/10/presentation-you-never-saw-early-launch-android-malware-your-phone-0wned/

Open letter asks AV companies for openness on surveillance malware

Old issue has become hot topic again following Snowden revelations.
Old issue has become hot topic again following Snowden revelations. A group of experts in privacy and digital rights has sent an open letter (pdf) to a number of anti-virus… https://www.virusbulletin.com/blog/2013/10/open-letter-asks-av-companies-openness-surveillance-malware/

US lifts ban on anti-virus software for Iran

Eased restrictions welcomed by security experts.
Eased restrictions welcomed by security experts. The United States has announced it has eased export restrictions to Iran, and now allows for the export of mobile phones and… https://www.virusbulletin.com/blog/2013/05/us-lifts-ban-anti-virus-software-iran/

Anti-virus software significantly shortens life of banking trojans

Security software causes malware to run for less than a third as long.
Security software causes malware to run for less than a third as long. 'Does anti-virus software actually help?' is a question often asked, even by security experts - who point to… https://www.virusbulletin.com/blog/2012/10/anti-virus-software-significantly-shortens-life-banking-trojans/

Fake codec trojan disables anti-virus software

Victim tricked into believing security software still active.
Victim tricked into believing security software still active. A new trojan, discovered by researchers at ESET, spreads itself via fake codecs, then disables running anti-virus… https://www.virusbulletin.com/blog/2011/08/fake-codec-trojan-disables-anti-virus-software/

« Previous 12 Next »