VB Blog

Security advice in the wake of WannaCry and Not(Petya)

Posted by Martijn Grooten on Jun 30, 2017

As WannaCry and (Not)Petya have shown, malware attacks can do a lot of damage. So is staying safe just a case of following good security advice?

Posted by Martijn Grooten on Jun 29, 2017

Whether you call it Petya, NotPetya, Nyetya or Petna, there are still many mysteries surrounding the malware that has been causing havoc around the world.

Posted by Martijn Grooten on Jun 28, 2017

This week, the Early Bird discount for VB2017 comes to an end - so, for a 10% saving on the cost of full price registration, make sure you register now!

Posted by Martijn Grooten on Jun 23, 2017

Last year, Kaspersky Lab researcher Santiago Pontiroli and PwC's Bart Parys presented a VB2016 paper analysing the malicious threats faced by users of the Steam online gaming platform, and highlighting how organized criminals are making money with these profitable schemes. Today, we publish the paper.

Posted by Martijn Grooten on Jun 22, 2017

Researchers at Cisco have published a paper describing how it may be possible to use machine learning to distinguish malware command-and-control traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C&C traffic.

Posted by Martijn Grooten on Jun 20, 2017

After five years of exploitation in a wide variety of attacks, CVE-2012-0158 may have found a successor in CVE-2017-0199, which is taking the Office exploit scene by storm.

Posted by Martijn Grooten on Jun 19, 2017

Virus Bulletin was a proud sponsor of BSides London 2017 - Martijn Grooten reports on a great event.

Posted by Martijn Grooten on Jun 15, 2017

It is well known that the problem of cybersecurity is a global one that affects users worldwide - but it's also one that has some unique local flavours. With speakers representing at least 24 countries, VB2017 is one of the most international security conferences on the circuit, allowing attendees to hear the viewpoints of experts from around the world. Register before 1 July and receive a 10% Early Bird discount.

Posted by Martijn Grooten on Jun 12, 2017

Qakbot or Qbot, is a banking trojan that makes the news every once in a while and was the subject of a VB2016 paper by Intel Security researchers Sanchit Karve, Guilherme Venere and Mark Olea. In it, they provided a detailed analysis of the Pinkslipbot/Qakbot trojan and its then latest campaign. Their full paper is now available to download or read online.

Posted by Martijn Grooten on Jun 2, 2017

VB Editor Martijn Grooten reviews Finn Brunton's book 'Spam: A Shadow History of the Internet'.

Previous1...3435363738...215Next

Search blog

Stalkerware poses particular challenges to anti-virus products

Malware used in domestic abuse situations is a growing threat, and the standard way for anti-virus products to handle such malware may not be good enough. But that doesn't mean there isn't an important role for anti-virus to play.
Did you know that October has been Cyber Security Awareness Month? Of course you did ─ it has been pretty hard to avoid it. But did you know that it has also, at least in the… https://www.virusbulletin.com/blog/2019/10/stalkerware-poses-particular-challenges-anti-virus-products/

Healthcare CERTs highlight the need for security guidance for specific sectors

A new computer emergency response team has been launched in the Netherlands to provide guidance specifically tailored to the healthcare sector. Martijn Grooten welcomes the development.
In February 2016, a US hospital saw a heart operation interrupted by the rebooting of a monitoring PC, caused by anti-virus software running on the machine. The report filed makes… https://www.virusbulletin.com/blog/2018/01/healthcare-certs-show-need-security-guidance-specific-sectors/

Meltdown and Spectre attacks mitigated by operating system updates

Just four days into the new year, two serious attacks in modern processors, dubbed Meltdown and Spectre, have been discovered. The attacks can be mitigated by patches to the operating system, but anti-virus software vendors need to make sure their product…
We wish all our readers a very happy and very secure 2018! The latter part will not come without some serious work though. We are not even four days into the new year and we… https://www.virusbulletin.com/blog/2018/01/meltdown-and-spectre-attacks-mitigated-operating-system-updates/

Conference review: AVAR 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.
The first week of December was packed with security conferences, and VB2017 speakers were busy presenting their research at no fewer than four different events: FIRST in Prague,… https://www.virusbulletin.com/blog/2017/12/conference-review-avar-2017/

Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.
Over the coming weeks and months, we plan to use the Throwback Thursday slot to look back at and publish some great VB conference presentations from our archives. We start… https://www.virusbulletin.com/blog/2017/11/vb2017-video-beginning-endpoint-where-we-are-now-and-where-well-be-five-years/

Standalone product test: FireEye Endpoint

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.
FireEye is well known within the security community, both for its advanced protection products and for its regular research reports. Recently, the company launched a new version… https://www.virusbulletin.com/blog/2017/11/standaline-test-fireeye-endpoint/

VB2017 preview: Stuck between a ROC and a hard place

We preview the VB2017 paper by Microsoft's Holly Stewart and Joe Blackbird, which uses data about users switching anti-virus provider to decide whether machine-learning models should favour avoiding false positives over false negatives.
Authors of security software in general, and anti-virus software in particular, have always needed to find the right balance between a high detection rate and a low false positive… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-stuck-between-roc-and-hard-place/

Modern security software is not necessarily powerless against threats like WannaCry

The WannaCry ransomware has affected many organisations around the world, making it probably the worst and most damaging of its kind. But modern security is not necessarily powerless against such threats.
We have become used to the idea of cybersecurity stories sometimes making the mainstream news, but the UK's newspapers across the spectrum, from broadsheets to tabloids, all… https://www.virusbulletin.com/blog/2017/may/modern-security-software-not-powerless-against-threats-wannacry/

The Living Dead Anti-Virus

Should users uninstall their anti-virus products, as was recently suggested by a security expert in a widely shared article? In a guest post, security consultant Hendrik Pilz explains why he doesn't think this is a good idea.
A former director of testing at AV-TEST and a one-time VB conference speaker, security consultant Hendrik Pilz is passionate about the quality of security products. In a guest… https://www.virusbulletin.com/blog/2017/01/living-dead-anti-virus/

Researchers seek ransomware samples for their generic solution

VB2015 presentation to include demonstration of technique against recent samples.
VB2015 presentation to include demonstration of technique against recent samples. 'The scary hack that's on the rise' is how Wired's Kim Zetter described ransomware in an overview… https://www.virusbulletin.com/blog/2015/09/researchers-seek-ransomware-samples-their-generic-solution/

Paper: Hype heuristics, signatures and the death of AV (again)

David Harley responds to anti-malware's many criticasters.
David Harley responds to anti-malware's many criticasters. Anti-virus is dead. After all, in the current threat landscape, who would use a system that relies on signatures of… https://www.virusbulletin.com/blog/2015/08/paper-hype-heuristics-signatures-and-death-av-again/

NSA, GCHQ found to target anti-virus products

Agencies looked for vulnerabilities to exploit and for submitted malware samples.
Agencies looked for vulnerabilities to exploit and for submitted malware samples. New documents from NSA whistle-blower Edward Snowden have revealed the agency and its British… https://www.virusbulletin.com/blog/2015/06/nsa-gchq-found-target-anti-virus-products/

VirusTotal project aims to remediate false positives

Security vendors to receive alerts when legitimate files are detected as malicious.
Security vendors to receive alerts when legitimate files are detected as malicious.False positives are a huge problem for the IT industry in general and for security products in… https://www.virusbulletin.com/blog/2015/02/virustotal-project-aims-remediate-false-positives/

Low VirusTotal detection rates for new malware, do they matter?

It is not as important as is often suggested — and doesn't mean the malware is allowed to execute.
It is not as important as is often suggested — and doesn't mean the malware is allowed to execute. It is fairly common these days for security researchers to write about new… https://www.virusbulletin.com/blog/2015/02/low-virustotal-detection-rates-new-malware-do-they-matter/

Report: VB100 comparative review on Windows 8.1

40 out of 48 tested products earn VB100 award.
40 out of 48 tested products earn VB100 award. If you follow the security news, you may believe that all you have to worry about are nation states using zero-day vulnerabilities to… https://www.virusbulletin.com/blog/2014/11/report-comparative-review-windows-8-1/

The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned

Malicious apps may have more privileges than security software.
Malicious apps may have more privileges than security software. There are many people without whom a Virus Bulletin conference wouldn't be possible: the VB team, the crew from Cue… https://www.virusbulletin.com/blog/2014/10/presentation-you-never-saw-early-launch-android-malware-your-phone-0wned/

Open letter asks AV companies for openness on surveillance malware

Old issue has become hot topic again following Snowden revelations.
Old issue has become hot topic again following Snowden revelations. A group of experts in privacy and digital rights has sent an open letter (pdf) to a number of anti-virus… https://www.virusbulletin.com/blog/2013/10/open-letter-asks-av-companies-openness-surveillance-malware/

US lifts ban on anti-virus software for Iran

Eased restrictions welcomed by security experts.
Eased restrictions welcomed by security experts. The United States has announced it has eased export restrictions to Iran, and now allows for the export of mobile phones and… https://www.virusbulletin.com/blog/2013/05/us-lifts-ban-anti-virus-software-iran/

Anti-virus software significantly shortens life of banking trojans

Security software causes malware to run for less than a third as long.
Security software causes malware to run for less than a third as long. 'Does anti-virus software actually help?' is a question often asked, even by security experts - who point to… https://www.virusbulletin.com/blog/2012/10/anti-virus-software-significantly-shortens-life-banking-trojans/

Fake codec trojan disables anti-virus software

Victim tricked into believing security software still active.
Victim tricked into believing security software still active. A new trojan, discovered by researchers at ESET, spreads itself via fake codecs, then disables running anti-virus… https://www.virusbulletin.com/blog/2011/08/fake-codec-trojan-disables-anti-virus-software/

« Previous 12 Next »