VB Blog

VB2018 presentation: The wolf in sheep's clothing - undressed

Posted by   Martijn Grooten on   Oct 22, 2018

Today, we publish the video of the VB2018 presentation by CSIS researchers Benoît Ancel and Aleksejs Kuprins, who looked at a rather dubious seller of government spyware, described by someone else operating in the same space as a "criminal of the worst kind".

Read more  

VB2018 paper: The dark side of WebAssembly

Posted by   Virus Bulletin on   Oct 17, 2018

Today, we publish the VB2018 paper by Symantec researchers Aishwarya Lonkar and Siddhesh Chandrayan on the security risks that come with WebAssembly.

Read more  

The Virus Bulletin conference returns home: VB2019 to take place in London

Posted by   Martijn Grooten on   Oct 5, 2018

In 2019, the Virus Bulletin conference is set to return home, with VB2019 taking place in London, UK.

Read more  

Guest blog: The case for increasing transparency in cybersecurity

Posted by   Virus Bulletin on   Oct 2, 2018

In a guest blog post, Kaspersky Lab's Anton Shingarev considers the case for increasing transparency in cybersecurity.

Read more  

VB2018 preview: Workshops

Posted by   Martijn Grooten on   Sep 28, 2018

Workshops make their VB Conference debut during VB2018, giving delegates the opportunity to learn the basics of kernel-level malware analysis, Android reverse-engineering and artificial intelligence.

Read more  

New article: Through the looking glass: webcam interception and protection in kernel mode

Posted by   Martijn Grooten on   Sep 27, 2018

Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software Company, who dive into the video capturing internals on Windows, and explain how this can be used by a malicious actor to steal images recorded by a computer's webcam.

Read more  

VB2018 preview: The botnet landscape - live threats and steps for mitigation (Small Talk)

Posted by   Martijn Grooten on   Sep 27, 2018

In a Small Talk at VB2018, Spamhaus's Simon Forster will present the organization's research into the botnet landscape and will discuss with the audience topics such as how the rise of anonymzation techniques and the hosting of botnets on well-regarded cloud providers have changed the landscape.

Read more  

VB2018 Threat Intelligence Summit: survey on threat intel usage

Posted by   Virus Bulletin on   Sep 26, 2018

Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018 next week. In a bid to help collect as much current data as possible, we'd like to ask anyone generating or consuming threat intelligence to fill in a very short survey.

Read more  

VB2018 preview: Anatomy of an attack: detecting and defeating CRASHOVERRIDE

Posted by   Martijn Grooten on   Sep 26, 2018

In today's blog post, we preview the VB2018 paper by Dragos Inc.'s Joe Slowik, who looks at the CRASHOVERRIDE malware, the first (publicly known) malware designed to impact electric grid operations.

Read more  

VB2018 preview: Cyber Threat Alliance

Posted by   Martijn Grooten on   Sep 25, 2018

In today's blog post we look at a report on illicit cryptocurrency mining by the Cyber Threat Alliance and also look forward to the VB2018 talk by the CTA's CEO Michael Daniel.

Read more  
Previous1...1617181920...215Next

Search blog

VB2019 paper: Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation state adversary

The activities of China-based threat actor PKPLUG were detailed in a VB2019 paper by Palo Alto Networks researcher Alex Hinchliffe, who described the playbook of this long-standing adversary. Today we publish both Alex's paper and the recording of his pre…
Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation-state adversary Read the paper (HTML) Download the paper (PDF)    … https://www.virusbulletin.com/blog/2020/03/vb2019-paper-pulling-pkplug-adversary-playbook-long-standing-espionage-activity-chinese-nation-state-adversary/

VB2019 paper: Exploring the Chinese DDoS landscape

China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.
Exploring the Chinese DDoS landscape Read the paper (HTML) Download the paper (PDF)       China has long been a hotbed of DDoS activities, with several groups… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-exploring-chinese-ddos-landscape/

Conference review: AVAR 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.
The first week of December was packed with security conferences, and VB2017 speakers were busy presenting their research at no fewer than four different events: FIRST in Prague,… https://www.virusbulletin.com/blog/2017/12/conference-review-avar-2017/

By removing VPNs from its Chinese App Store, Apple turns its biggest security asset against its users

To comply with Chinese laws, Apple has removed all iOS VPN apps from its Chinese app store. This means that the company uses iOS's strongest security asset, its tightly controlled App Store, against its own users.
A little over a month ago, Apple's iPhone celebrated its tenth birthday. The iPhone has been one of the biggest commercial success stories ever, but it has also been a great… https://www.virusbulletin.com/blog/2017/08/removing-vpns-its-chinese-app-store-apple-turns-its-biggest-security-asset-aggasnt-its-users/

Small Talks return to the Virus Bulletin Conference

Following their success last year, this year a series of "Small Talks" return to the VB2016 conference programme. We are pleased to announce the details of six of these talks, covering subjects that range from the Chinese cybercriminal underground to Andr…
VB2015 was the 25th Virus Bulletin conference and, to celebrate the occasion, we added a third stream to the programme. Dubbed "Small Talks", these talks were longer than those on… https://www.virusbulletin.com/blog/2016/08/small-talks-return-virus-bulletin-conference/

WireLurker malware infects iOS devices through OS X

Non-jailbroken devices infected via enterprise provisioning program.
Non-jailbroken devices infected via enterprise provisioning program. Researchers at Palo Alto Networks have published a research paper (PDF) analysing the 'WireLurker' malware that… https://www.virusbulletin.com/blog/2014/11/wirelurker-malware-infects-ios-devices-through-os-x/

Hundreds of APTs linked to Chinese Army department

'Unit 61398' employs hundreds of people.
'Unit 61398' employs hundreds of people. A new report by security firm Mandiant links a large number of cyber-espionage cases to a department of the Chinese army. The report is… https://www.virusbulletin.com/blog/2013/02/hundreds-apts-linked-chinese-army-department/

Significant rise in Chinese phishing sites

Phishers shown to care little about domain names.
Phishers shown to care little about domain names. In its latest 'Global Phishing Survey', the Anti-Phishing Working Group (APWG) reports a significant increase in phishing sites… https://www.virusbulletin.com/blog/2011/11/significant-rise-chinese-phishing-sites/

Chinese whispers of malware writing and bribery in the industry

As China corruption scandals rumble on, more rumours of malware writers in AV firms surface.
As China corruption scandals rumble on, more rumours of malware writers in AV firms surface. Several recent stories in the media have revolved around China and malware writers,… https://www.virusbulletin.com/blog/2010/12/chinese-whispers-malware-writing-and-bribery-industry/

More than 1 million Chinese phones infected with malware

Mobile botnet sending out SMS spam.
Mobile botnet sending out SMS spam. Over one million mobile phones in China have been infected with malware and are sending out SMS spam, the Shanghai Daily reports. Masquerading… https://www.virusbulletin.com/blog/2010/11/more-1-million-chinese-phones-infected-malware/

Spammers move from China to Russia

Stricter rules on registering .cn domains leads to increase in malicious .ru domains.
Stricter rules on registering .cn domains leads to increase in malicious .ru domains. A change in the rules of the organization responsible for registering .cn domains has resulted… https://www.virusbulletin.com/blog/2010/02/spammers-move-china-russia/

China hosting over half of malicious sites

StopBadware.org report highlights Chinese dominance in web malware.
StopBadware.org report highlights Chinese dominance in web malware. A report from StopBadware.org released last week found that 52% of malicious websites were hosted in China, with… https://www.virusbulletin.com/blog/2008/06/china-hosting-over-half-malicious-sites/

China-Tibet row spills over into malware attacks

Both sides of debate targeted to spread malicious code.
Both sides of debate targeted to spread malicious code. With the political row over China's involvement in Tibet continuing to make the headlines, cybercriminals have been as quick… https://www.virusbulletin.com/blog/2008/04/china-tibet-row-spills-over-malware-attacks/

UK spooks spooked by possible Chinese hacking

MI5 warns of suspected corporate espionage onslaught.
MI5 warns of suspected corporate espionage onslaught. The UK security service MI5 has issued an alert to 300 leading firms, warning them to ensure best possible security measures… https://www.virusbulletin.com/blog/2007/12/uk-spooks-spooked-possible-chinese-hacking/

Infected Seagate hard drives sold in Taiwan

External Maxtor disks shipped carrying autorun datastealer.
External Maxtor disks shipped carrying autorun datastealer. A shipment of Maxtor external hard drives, produced in Thailand by US-based Seagate and sold in Taiwan, has been found… https://www.virusbulletin.com/blog/2007/11/infected-seagate-hard-drives-sold-taiwan/

Fujacks/Panda virus authors sentenced, offered job

Fujacks author put away for four years.
Fujacks author put away for four years. Four men who were charged last month with writing, selling and spreading the W32/Fujacks virus and worm (a.k.a. the 'Panda burning… https://www.virusbulletin.com/blog/2007/09/fujacks-panda-virus-authors-sentenced-offered-job/

China denies Pentagon hacking claims

'Hacked by Chinese' row rumbles on.
'Hacked by Chinese' row rumbles on. The Chinese government has vigorously denied accusations, made in a report in UK newspaper The Financial Times on Monday, that Chinese hackers… https://www.virusbulletin.com/blog/2007/09/china-denies-pentagon-hacking-claims/

Four charged with writing Fujacks

Malware authors and sellers appear in Chinese court.
Malware authors and sellers appear in Chinese court. Four men have appeared in a public court in Hubei Province, China, charged with writing, selling and spreading the W32/Fujacks… https://www.virusbulletin.com/blog/2007/08/four-charged-writing-fujacks/

China steps up fight against spammers

Blacklist aims to reduce massive spamming levels.
Blacklist aims to reduce massive spamming levels. Chinese web organisation the Internet Society of China (ISC) has announced the setting up of a central anti-spam blacklist, to… https://www.virusbulletin.com/blog/2007/06/china-steps-fight-against-spammers/

Symantec sued for false positive

Chinese FP issue leads to court case.
Chinese FP issue leads to court case. A Chinese lawyer has begun court proceedings against security firm Symantec, claiming damages as a result of the widely-publicised false… https://www.virusbulletin.com/blog/2007/06/symantec-sued-false-positive/

« Previous 12 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.