VB Blog

VB2014 paper: Leaving our ZIP undone: how to abuse ZIP to deliver malware apps

Posted by   Virus Bulletin on   Mar 5, 2015

Gregory Panakkal explains that there are different ways of looking at APK files - and that sometimes that can have unintended consequences.

Read more  

FREAK attack takes HTTPS connections back to 1990s security

Posted by   Virus Bulletin on   Mar 4, 2015

Golden keys from the (first) crypto wars have come back to haunt us.

Read more  

TorrentLocker spam has DMARC enabled

Posted by   Virus Bulletin on   Mar 2, 2015

Use of email authentication technique unlikely to bring any advantage.

Read more  

Paper: Script in a lossy stream

Posted by   Virus Bulletin on   Mar 2, 2015

Dénes Óvári explains how to store code in lossily compressed JPEG data.

Read more  

M3AAWG releases BCP document on dealing with child sexual abuse material

Posted by   Virus Bulletin on   Feb 27, 2015

Subject may make many feel uncomfortable, but it is essential that we know how to deal with it.

Read more  

VB2014 paper: Caphaw - the advanced persistent pluginer

Posted by   Virus Bulletin on   Feb 27, 2015

Micky Pun and Neo Tan analyse the banking trojan that is best known for spreading through Skype.

Read more  

Coordinated action takes down Ramnit botnet infrastructure

Posted by   Virus Bulletin on   Feb 26, 2015

Malware remains present on infected machines; 2012 Virus Bulletin paper worth studying.

Read more  

Hacker group takes over Lenovo's DNS

Posted by   Virus Bulletin on   Feb 26, 2015

As emails were sent to wrong servers, DNSSEC might be worth looking into.

Read more  

Almost 50% increase in reported vulnerabilities as non-Windows operating systems lead the table

Posted by   Virus Bulletin on   Feb 25, 2015

Each discovered vulnerability is actually a good news story.

Read more  

Vawtrak trojan spread through malicious Office macros

Posted by   Virus Bulletin on   Feb 24, 2015

Users easily tricked, but plenty of opportunity for the malware to be blocked.

Read more  
Previous1...5758596061...215Next

Search blog

DMARC: an imperfect solution that can make a big difference

US Senator Ron Wyden has asked the Department of Homeland Security to implement DMARC. Martijn Grooten looks at what difference this could make for phishing attacks impersonating the US federal governent.
US Senator Ron Wyden has written a letter (pdf) to the Department of Homeland Security, urging the US government to implement DMARC to "ensure hackers cannot send emails that… https://www.virusbulletin.com/blog/2017/07/dmarc-imperfect-solution-can-make-big-difference/

TorrentLocker spam has DMARC enabled

Use of email authentication technique unlikely to bring any advantage.
Use of email authentication technique unlikely to bring any advantage. Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an… https://www.virusbulletin.com/blog/2015/03/torrentlocker-spam-has-dmarc-enabled/

Impressive results in latest VBSpam test

Excellent performances in spam filter test - plus evidence of a correlation between spam 'passing' SPF and an increased delivery rate.
Excellent performances in spam filter test - plus evidence of a correlation between spam 'passing' SPF and an increased delivery rate. No fewer than ten anti-spam solutions… https://www.virusbulletin.com/blog/2013/02/impressive-results-latest-vbspam-test/

EU report suggests 95% of email is spam

Less than five per cent of all SMTP connections result in an email being delivered into a user's inbox.
Less than five per cent of all SMTP connections result in an email being delivered into a user's inbox. A survey carried out by the European Network and Information Security Agency… https://www.virusbulletin.com/blog/2010/01/eu-report-suggests-95-email-spam/

VB announces latest VBSpam certification results

Two products achieve top level VBSpam Platinum award.
Two products achieve top level VBSpam Platinum award. Virus Bulletin has announced the results of its second comparative review of anti-spam products, revealing two top-level… https://www.virusbulletin.com/blog/2009/07/vb-announces-latest-vbspam-certification-results/

DKIM usage shows significant growth

US banks urged to use authentication method
US banks urged to use authentication method In a report on its website, Internet giant Cisco states it has been seeing almost 700,000 non-spam messages that contain valid DKIM… https://www.virusbulletin.com/blog/2009/06/dkim-usage-shows-significant-growth/

Sender authentication checks on the rise

SPF records creep into top ten content triggers checked by ISPs.
SPF records creep into top ten content triggers checked by ISPs. A report by email marketing software provider Lyris has revealed that use of the Sender Policy Framework (SPF)… https://www.virusbulletin.com/blog/2007/09/sender-authentication-checks-rise/

Unsafe computing in abundance

Reports and statistics on unsafe computing practices.
Reports and statistics on unsafe computing practices. Last month saw a flurry of reports and statistics on unsafe computing practices. To kick off, almost a quarter of… https://www.virusbulletin.com/blog/2007/09/unsafe-computing-abundance/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.