VB Blog

Five tips for submitting to Calls for Papers

Posted by   Martijn Grooten on   Aug 9, 2017

With the VB2017 Call for Papers out, here are five tips to increase your chances of getting your submission accepted.

Read more  

The WannaCry kill switch wasn't inserted to make someone a hero

Posted by   Martijn Grooten on   Aug 8, 2017

Following the arrest of WannaCry hero Marcus Hutchings, suggestions have been made that he was behind the WannaCry malware itself, and that he inserted the kill switch to make himself a hero. This seems highly unlikely.

Read more  

Throwback Thursday: Ten memorable Virus Bulletin conference presentations - part 1

Posted by   Martijn Grooten on   Aug 3, 2017

In a two-part blog post series, we look back at ten memorable VB conference presentations from the past ten years.

Read more  

Worms wiggling inside your networks are a lot harder to stop

Posted by   Martijn Grooten on   Aug 3, 2017

The authors of the Trickbot banking trojan seem to have taken note of the use of SMB by WannaCry and (Not)Petya and have added an (experimental) module that uses SMB for lateral movement.

Read more  

VB2017 drinks reception to be hosted in Madrid's unique Geographic Club

Posted by   Martijn Grooten on   Aug 1, 2017

To give those attending VB2017 Madrid a chance to experience a little bit of the host city, the VB2017 drinks reception will be held at the unique and fascinating Geographic Club.

Read more  

By removing VPNs from its Chinese App Store, Apple turns its biggest security asset against its users

Posted by   Martijn Grooten on   Aug 1, 2017

To comply with Chinese laws, Apple has removed all iOS VPN apps from its Chinese app store. This means that the company uses iOS's strongest security asset, its tightly controlled App Store, against its own users.

Read more  

VB2017 Small Talks and reserve papers announced

Posted by   Martijn Grooten on   Jul 28, 2017

Today we announce the first two Small Talks for the VB2017 programme: ENISA will provide its perspective on the WannaCry outbreak and the lessons learned from it, while David Harley will talk about the past and present of security product testing.

Read more  

NoMoreRansom's first birthday demonstrates importance of collaboration

Posted by   Martijn Grooten on   Jul 27, 2017

This week the NoMoreRansom project celebrated its first birthday. It has already helped many victims of ransomware with advice and tools and is an excellent example of collaboration between private and public partners in IT security.

Read more  

VB2017 call for last-minute papers opened

Posted by   Martijn Grooten on   Jul 26, 2017

Today, we open the call for last-minute papers for VB2017. Submit before 3 September to have your abstract considered for one of the ten slots reserved for 'hot' research.

Read more  

Five reasons to come to VB2017 in Madrid

Posted by   Martijn Grooten on   Jul 25, 2017

We're not ones to make bold claims about our conference, and we suggest you ask past attendees for their opinion, but here are five reasons why we think you should come to VB2017 in Madrid.

Read more  
Previous1...3233343536...215Next

Search blog

VB2019 paper: Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation state adversary

The activities of China-based threat actor PKPLUG were detailed in a VB2019 paper by Palo Alto Networks researcher Alex Hinchliffe, who described the playbook of this long-standing adversary. Today we publish both Alex's paper and the recording of his pre…
Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation-state adversary Read the paper (HTML) Download the paper (PDF)    … https://www.virusbulletin.com/blog/2020/03/vb2019-paper-pulling-pkplug-adversary-playbook-long-standing-espionage-activity-chinese-nation-state-adversary/

VB2019 paper: Exploring the Chinese DDoS landscape

China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.
Exploring the Chinese DDoS landscape Read the paper (HTML) Download the paper (PDF)       China has long been a hotbed of DDoS activities, with several groups… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-exploring-chinese-ddos-landscape/

Conference review: AVAR 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.
The first week of December was packed with security conferences, and VB2017 speakers were busy presenting their research at no fewer than four different events: FIRST in Prague,… https://www.virusbulletin.com/blog/2017/12/conference-review-avar-2017/

By removing VPNs from its Chinese App Store, Apple turns its biggest security asset against its users

To comply with Chinese laws, Apple has removed all iOS VPN apps from its Chinese app store. This means that the company uses iOS's strongest security asset, its tightly controlled App Store, against its own users.
A little over a month ago, Apple's iPhone celebrated its tenth birthday. The iPhone has been one of the biggest commercial success stories ever, but it has also been a great… https://www.virusbulletin.com/blog/2017/08/removing-vpns-its-chinese-app-store-apple-turns-its-biggest-security-asset-aggasnt-its-users/

Small Talks return to the Virus Bulletin Conference

Following their success last year, this year a series of "Small Talks" return to the VB2016 conference programme. We are pleased to announce the details of six of these talks, covering subjects that range from the Chinese cybercriminal underground to Andr…
VB2015 was the 25th Virus Bulletin conference and, to celebrate the occasion, we added a third stream to the programme. Dubbed "Small Talks", these talks were longer than those on… https://www.virusbulletin.com/blog/2016/08/small-talks-return-virus-bulletin-conference/

WireLurker malware infects iOS devices through OS X

Non-jailbroken devices infected via enterprise provisioning program.
Non-jailbroken devices infected via enterprise provisioning program. Researchers at Palo Alto Networks have published a research paper (PDF) analysing the 'WireLurker' malware that… https://www.virusbulletin.com/blog/2014/11/wirelurker-malware-infects-ios-devices-through-os-x/

Hundreds of APTs linked to Chinese Army department

'Unit 61398' employs hundreds of people.
'Unit 61398' employs hundreds of people. A new report by security firm Mandiant links a large number of cyber-espionage cases to a department of the Chinese army. The report is… https://www.virusbulletin.com/blog/2013/02/hundreds-apts-linked-chinese-army-department/

Significant rise in Chinese phishing sites

Phishers shown to care little about domain names.
Phishers shown to care little about domain names. In its latest 'Global Phishing Survey', the Anti-Phishing Working Group (APWG) reports a significant increase in phishing sites… https://www.virusbulletin.com/blog/2011/11/significant-rise-chinese-phishing-sites/

Chinese whispers of malware writing and bribery in the industry

As China corruption scandals rumble on, more rumours of malware writers in AV firms surface.
As China corruption scandals rumble on, more rumours of malware writers in AV firms surface. Several recent stories in the media have revolved around China and malware writers,… https://www.virusbulletin.com/blog/2010/12/chinese-whispers-malware-writing-and-bribery-industry/

More than 1 million Chinese phones infected with malware

Mobile botnet sending out SMS spam.
Mobile botnet sending out SMS spam. Over one million mobile phones in China have been infected with malware and are sending out SMS spam, the Shanghai Daily reports. Masquerading… https://www.virusbulletin.com/blog/2010/11/more-1-million-chinese-phones-infected-malware/

Spammers move from China to Russia

Stricter rules on registering .cn domains leads to increase in malicious .ru domains.
Stricter rules on registering .cn domains leads to increase in malicious .ru domains. A change in the rules of the organization responsible for registering .cn domains has resulted… https://www.virusbulletin.com/blog/2010/02/spammers-move-china-russia/

China hosting over half of malicious sites

StopBadware.org report highlights Chinese dominance in web malware.
StopBadware.org report highlights Chinese dominance in web malware. A report from StopBadware.org released last week found that 52% of malicious websites were hosted in China, with… https://www.virusbulletin.com/blog/2008/06/china-hosting-over-half-malicious-sites/

China-Tibet row spills over into malware attacks

Both sides of debate targeted to spread malicious code.
Both sides of debate targeted to spread malicious code. With the political row over China's involvement in Tibet continuing to make the headlines, cybercriminals have been as quick… https://www.virusbulletin.com/blog/2008/04/china-tibet-row-spills-over-malware-attacks/

UK spooks spooked by possible Chinese hacking

MI5 warns of suspected corporate espionage onslaught.
MI5 warns of suspected corporate espionage onslaught. The UK security service MI5 has issued an alert to 300 leading firms, warning them to ensure best possible security measures… https://www.virusbulletin.com/blog/2007/12/uk-spooks-spooked-possible-chinese-hacking/

Infected Seagate hard drives sold in Taiwan

External Maxtor disks shipped carrying autorun datastealer.
External Maxtor disks shipped carrying autorun datastealer. A shipment of Maxtor external hard drives, produced in Thailand by US-based Seagate and sold in Taiwan, has been found… https://www.virusbulletin.com/blog/2007/11/infected-seagate-hard-drives-sold-taiwan/

Fujacks/Panda virus authors sentenced, offered job

Fujacks author put away for four years.
Fujacks author put away for four years. Four men who were charged last month with writing, selling and spreading the W32/Fujacks virus and worm (a.k.a. the 'Panda burning… https://www.virusbulletin.com/blog/2007/09/fujacks-panda-virus-authors-sentenced-offered-job/

China denies Pentagon hacking claims

'Hacked by Chinese' row rumbles on.
'Hacked by Chinese' row rumbles on. The Chinese government has vigorously denied accusations, made in a report in UK newspaper The Financial Times on Monday, that Chinese hackers… https://www.virusbulletin.com/blog/2007/09/china-denies-pentagon-hacking-claims/

Four charged with writing Fujacks

Malware authors and sellers appear in Chinese court.
Malware authors and sellers appear in Chinese court. Four men have appeared in a public court in Hubei Province, China, charged with writing, selling and spreading the W32/Fujacks… https://www.virusbulletin.com/blog/2007/08/four-charged-writing-fujacks/

China steps up fight against spammers

Blacklist aims to reduce massive spamming levels.
Blacklist aims to reduce massive spamming levels. Chinese web organisation the Internet Society of China (ISC) has announced the setting up of a central anti-spam blacklist, to… https://www.virusbulletin.com/blog/2007/06/china-steps-fight-against-spammers/

Symantec sued for false positive

Chinese FP issue leads to court case.
Chinese FP issue leads to court case. A Chinese lawyer has begun court proceedings against security firm Symantec, claiming damages as a result of the widely-publicised false… https://www.virusbulletin.com/blog/2007/06/symantec-sued-false-positive/

« Previous 12 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.