VB Blog

New article: Run your malicious VBA macros anywhere!

Posted by   Virus Bulletin on   Apr 21, 2021

Kurt Natvig explains how he recompiled malicious VBA macro code to valid harmless Python 3.x code.

Read more  

New article: Dissecting the design and vulnerabilities in AZORult C&C panels

Posted by   Virus Bulletin on   Apr 7, 2021

In a new article, Aditya K Sood looks at the command-and-control (C&C) design of the AZORult malware, discussing his team's findings related to the C&C design and some security issues they identified.

Read more  

VB2021 localhost call for papers: a great opportunity

Posted by   Virus Bulletin on   Mar 17, 2021

VB2021 localhost presents an exciting opportunity to share your research with an even wider cross section of the IT security community around the world than usual, without having to take time out of your work schedule (or budget) to travel.

Read more  

New article: Excel Formula/Macro in .xlsb?

Posted by   Virus Bulletin on   Mar 2, 2021

In a follow-up to an article published last week, Kurt Natvig takes us through the analysis of a new malicious sample using the .xlsb file format.

Read more  

New article: Decompiling Excel Formula (XF) 4.0 malware

Posted by   Virus Bulletin on   Feb 23, 2021

In a new article, researcher Kurt Natvig takes a close look at XF 4.0 malware.

Read more  

The Bagsu banker case - presentation

Posted by   Virus Bulletin on   Jan 29, 2021

At VB2019, CSIS researcher Benoît Ancel spoke about a quiet banking trojan actor that has been targeting German users since at least 2014.

Read more  

VB2021 call for papers - now open, to all!

Posted by   Virus Bulletin on   Jan 19, 2021

The call for papers for VB2021 is now open and we want to hear from you - we're planning for flexible presentation formats, so everyone is encouraged to submit, regardless of whether or not you know at this stage whether you'll be able to travel to Prague!

Read more  

In memoriam: Yonathan Klijnsma

Posted by   Virus Bulletin on   Jan 11, 2021

We were very sorry to learn of the passing of researcher Yonathan Klijnsma last week. Here, former VB Editor Martijn Grooten shares his memories of a talented researcher and a very kind person: this month, infosec lost a really good one.

Read more  

VB2020 localhost videos available on YouTube

Posted by   Virus Bulletin on   Jan 8, 2021

VB has made all VB2020 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

Read more  

VB2020 presentation & paper: 2030: backcasting the potential rise and fall of cyber threat intelligence

Posted by   Virus Bulletin on   Dec 8, 2020

At VB2020 localhost, threat intelligence consultant Jamie Collier used the analytical technique of backcasting to look at the rise and fall of the cyber threat intelligence industry.

Read more  
Previous1234567...215Next

Search blog

DMARC: an imperfect solution that can make a big difference

US Senator Ron Wyden has asked the Department of Homeland Security to implement DMARC. Martijn Grooten looks at what difference this could make for phishing attacks impersonating the US federal governent.
US Senator Ron Wyden has written a letter (pdf) to the Department of Homeland Security, urging the US government to implement DMARC to "ensure hackers cannot send emails that… https://www.virusbulletin.com/blog/2017/07/dmarc-imperfect-solution-can-make-big-difference/

TorrentLocker spam has DMARC enabled

Use of email authentication technique unlikely to bring any advantage.
Use of email authentication technique unlikely to bring any advantage. Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an… https://www.virusbulletin.com/blog/2015/03/torrentlocker-spam-has-dmarc-enabled/

Impressive results in latest VBSpam test

Excellent performances in spam filter test - plus evidence of a correlation between spam 'passing' SPF and an increased delivery rate.
Excellent performances in spam filter test - plus evidence of a correlation between spam 'passing' SPF and an increased delivery rate. No fewer than ten anti-spam solutions… https://www.virusbulletin.com/blog/2013/02/impressive-results-latest-vbspam-test/

EU report suggests 95% of email is spam

Less than five per cent of all SMTP connections result in an email being delivered into a user's inbox.
Less than five per cent of all SMTP connections result in an email being delivered into a user's inbox. A survey carried out by the European Network and Information Security Agency… https://www.virusbulletin.com/blog/2010/01/eu-report-suggests-95-email-spam/

VB announces latest VBSpam certification results

Two products achieve top level VBSpam Platinum award.
Two products achieve top level VBSpam Platinum award. Virus Bulletin has announced the results of its second comparative review of anti-spam products, revealing two top-level… https://www.virusbulletin.com/blog/2009/07/vb-announces-latest-vbspam-certification-results/

DKIM usage shows significant growth

US banks urged to use authentication method
US banks urged to use authentication method In a report on its website, Internet giant Cisco states it has been seeing almost 700,000 non-spam messages that contain valid DKIM… https://www.virusbulletin.com/blog/2009/06/dkim-usage-shows-significant-growth/

Sender authentication checks on the rise

SPF records creep into top ten content triggers checked by ISPs.
SPF records creep into top ten content triggers checked by ISPs. A report by email marketing software provider Lyris has revealed that use of the Sender Policy Framework (SPF)… https://www.virusbulletin.com/blog/2007/09/sender-authentication-checks-rise/

Unsafe computing in abundance

Reports and statistics on unsafe computing practices.
Reports and statistics on unsafe computing practices. Last month saw a flurry of reports and statistics on unsafe computing practices. To kick off, almost a quarter of… https://www.virusbulletin.com/blog/2007/09/unsafe-computing-abundance/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.