VB Blog

VB2019 paper: We need to talk - opening a discussion about ethics in infosec

Posted by   Martijn Grooten on   Nov 1, 2019

Those working in the field of infosec are often faced with ethical dilemmas that are impossible to avoid. Today, we publish a VB2019 paper by Kaspersky researcher Ivan Kwiatkowski looking at ethics in infosec as well as the recording of Ivan's presentation.

Read more  

Stalkerware poses particular challenges to anti-virus products

Posted by   Martijn Grooten on   Oct 31, 2019

Malware used in domestic abuse situations is a growing threat, and the standard way for anti-virus products to handle such malware may not be good enough. But that doesn't mean there isn't an important role for anti-virus to play.

Read more  

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

Posted by   Martijn Grooten on   Oct 28, 2019

Today we publish the VB2019 paper by RiskIQ researcher Yonathan Klijnsma, who looked at the Magecart web-skimming attacks.

Read more  

VB2019 videos: partner presentations

Posted by   Martijn Grooten on   Oct 25, 2019

Today, we publish the videos of the VB2019 partner presentations by Michael Maltsev (Reason Cybersecurity) on webcam interception and protection, and by Jean-Ian Boutin and Anton Cherepanov (ESET) on the Buhtrap group.

Read more  

VB tests the web security products that play an important role in fending off web-based threats

Posted by   Martijn Grooten on   Oct 24, 2019

The web continues to be a major infection vector for malware and credential-stealing threats. In the VBWeb tests, we measure products' ability to block such threats and certify products that perform a good job at doing so.

Read more  

VB2019 papers: Emotet and Ryuk

Posted by   Martijn Grooten on   Oct 23, 2019

Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.

Read more  

Responsible madness?

Posted by   Virus Bulletin on   Oct 22, 2019

The debate on responsible disclosure is about as old as IT security itself. In a guest post for Virus Bulletin Robert Neumann suggests we need to reconsider a one-size-fits-all solution and instead look for a well-respected independent organization to handle security issues.

Read more  

VB2019 paper: Geost botnet. The story of the discovery of a new Android banking trojan from an OpSec error

Posted by   Martijn Grooten on   Oct 21, 2019

OpSec mistakes are what lead to many malware discoveries, and in the case of the Geost Android botnet the mistake was a really interesting one. Today we publish the VB2019 paper by Sebastian García, Maria Jose Erquiaga and Anna Shirokova on the Geost botnet, as well as the recording of Sebastian and Anna presenting their research in London.

Read more  

Analysis of malware responsible for sextortion spam that mines for Monero on the side

Posted by   Virus Bulletin on   Oct 14, 2019

VB2019 Platinum partner Reason Cybersecurity presents a threat analysis report on the Save Yourself malware.

Read more  

Guest blog: Threat intelligence – a unifying force of the future

Posted by   Virus Bulletin on   Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.

Read more  
Previous1...89101112...215Next

Search blog

DMARC: an imperfect solution that can make a big difference

US Senator Ron Wyden has asked the Department of Homeland Security to implement DMARC. Martijn Grooten looks at what difference this could make for phishing attacks impersonating the US federal governent.
US Senator Ron Wyden has written a letter (pdf) to the Department of Homeland Security, urging the US government to implement DMARC to "ensure hackers cannot send emails that… https://www.virusbulletin.com/blog/2017/07/dmarc-imperfect-solution-can-make-big-difference/

TorrentLocker spam has DMARC enabled

Use of email authentication technique unlikely to bring any advantage.
Use of email authentication technique unlikely to bring any advantage. Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an… https://www.virusbulletin.com/blog/2015/03/torrentlocker-spam-has-dmarc-enabled/

Impressive results in latest VBSpam test

Excellent performances in spam filter test - plus evidence of a correlation between spam 'passing' SPF and an increased delivery rate.
Excellent performances in spam filter test - plus evidence of a correlation between spam 'passing' SPF and an increased delivery rate. No fewer than ten anti-spam solutions… https://www.virusbulletin.com/blog/2013/02/impressive-results-latest-vbspam-test/

EU report suggests 95% of email is spam

Less than five per cent of all SMTP connections result in an email being delivered into a user's inbox.
Less than five per cent of all SMTP connections result in an email being delivered into a user's inbox. A survey carried out by the European Network and Information Security Agency… https://www.virusbulletin.com/blog/2010/01/eu-report-suggests-95-email-spam/

VB announces latest VBSpam certification results

Two products achieve top level VBSpam Platinum award.
Two products achieve top level VBSpam Platinum award. Virus Bulletin has announced the results of its second comparative review of anti-spam products, revealing two top-level… https://www.virusbulletin.com/blog/2009/07/vb-announces-latest-vbspam-certification-results/

DKIM usage shows significant growth

US banks urged to use authentication method
US banks urged to use authentication method In a report on its website, Internet giant Cisco states it has been seeing almost 700,000 non-spam messages that contain valid DKIM… https://www.virusbulletin.com/blog/2009/06/dkim-usage-shows-significant-growth/

Unsafe computing in abundance

Reports and statistics on unsafe computing practices.
Reports and statistics on unsafe computing practices. Last month saw a flurry of reports and statistics on unsafe computing practices. To kick off, almost a quarter of… https://www.virusbulletin.com/blog/2007/09/unsafe-computing-abundance/

Sender authentication checks on the rise

SPF records creep into top ten content triggers checked by ISPs.
SPF records creep into top ten content triggers checked by ISPs. A report by email marketing software provider Lyris has revealed that use of the Sender Policy Framework (SPF)… https://www.virusbulletin.com/blog/2007/09/sender-authentication-checks-rise/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.