VB Blog

There are lessons to be learned from government websites serving cryptocurrency miners

Posted by   Martijn Grooten on   Feb 12, 2018

Thousands of websites, including many sites of government organisations in the UK, the US and Sweden, were recently found to have been serving a cryptocurrency miner. More interesting than the incident itself, though, are the lessons that can be learned from it.

Read more  

We need to continue the debate on the ethics and perils of publishing security research

Posted by   Martijn Grooten on   Feb 9, 2018

An article by security researcher Collin Anderson reopens the debate on whether publishing threat analyses is always in the public interest.

Read more  

WordPress users urged to manually update to fix bug that prevents automatic updating

Posted by   Martijn Grooten on   Feb 8, 2018

Users of the popular WordPress content management system are urged to manually update their installation to version 4.9.4, as a bug in the previous version broke the ability to automatically install updates.

Read more  

New paper: A review of the evolution of Andromeda over the years

Posted by   Martijn Grooten on   Feb 7, 2018

The Andromeda botnet (aka Gamarue or Wauchos) has plagued Internet users for more than half a decade but, following a takedown effort and the arrest of the suspected botnet owner in December 2017, it is likely we have seen the end of it. In a new paper by Fortinet researchers Bahare Sabouri and He Xu, we look back at the evolution of Andromeda from version 2.06 to 2.10 and demonstrate both how it improved its loader to evade automatic analysis/detection and how the payload varied among the different versions.

Read more  

There is no evidence in-the-wild malware is using Meltdown or Spectre

Posted by   Martijn Grooten on   Feb 2, 2018

Reports of malware using the Meltdown or Spectre attacks are likely based on proof-of-concept code rather than files written for a malicious purpose.

Read more  

Throwback Thursday: Malware taking a bit(coin) more than we bargained for

Posted by   Martijn Grooten on   Feb 1, 2018

This Throwback Thursday, we republish the VB2012 paper by Microsoft researcher Amir Fouda, one of the earliest papers to look at malware targeting Bitcoin.

Read more  

First time speaker? Don't be afraid of submitting to the VB2018 CFP

Posted by   Martijn Grooten on   Jan 31, 2018

We especially encourage those less experienced in speaking in public to submit to the call for papers for VB2018, where we aim to provide a friendly and welcoming environment in which people can both present their own research and learn from what others have been working on.

Read more  

VB2017 paper: VirusTotal tips, tricks and myths

Posted by   Martijn Grooten on   Jan 25, 2018

At VB2017 in Madrid, security researcher Randy Abrams presented an overview of the VirusTotal service and then went on to bust several of the persistent myths that surround it. Today we publish both Randy's paper and the recording of his presentation.

Read more  

Healthcare CERTs highlight the need for security guidance for specific sectors

Posted by   Martijn Grooten on   Jan 24, 2018

A new computer emergency response team has been launched in the Netherlands to provide guidance specifically tailored to the healthcare sector. Martijn Grooten welcomes the development.

Read more  

VB2018 call for papers now open!

Posted by   Martijn Grooten on   Jan 23, 2018

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2018 is now open and we want to hear from you!

Read more  
Previous1...2425262728...215Next

Search blog

VB2018 preview: The botnet landscape - live threats and steps for mitigation (Small Talk)

In a Small Talk at VB2018, Spamhaus's Simon Forster will present the organization's research into the botnet landscape and will discuss with the audience topics such as how the rise of anonymzation techniques and the hosting of botnets on well-regarded cl…
Whether they're used to send spam, to perform DDoS attacks, or as a proxy network for other kinds of nefarious activities, botnets remain a prominent tool for cybercriminals, and… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-botnet-landscape-live-threats-and-steps-mitigation-small-talk/

Spamhaus report shows many botnet controllers look a lot like legitimate servers

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.
Of all the annual security reports and blog posts that look back at the previous year, that of Spamhaus is one I particularly look forward to, as it always comes with good and… https://www.virusbulletin.com/blog/2018/01/spamhaus-reports-shows-many-botnet-controllers-look-lot-legitimate-servers/

Spamhaus CIO calls for those running open DNS resolvers to be fined

Open DNS resolvers instrumental in many DDoS attacks.
Open DNS resolvers instrumental in many DDoS attacks. At the Cyber Security Summit in London, Richard Cox, CIO of DNS blacklist provider Spamhaus, called on the UK government to… https://www.virusbulletin.com/blog/2013/11/spamhaus-cio-calls-those-running-open-dns-resolvers-be-fined/

Dutchman arrested in Spain for DDoS attacks on Spamhaus

Suspect drove around in 'mobile bunker' to co-ordinate attacks.
Suspect drove around in 'mobile bunker' to co-ordinate attacks. Police in Spain have arrested a 35-year-old Dutchman, believed to be responsible for the DDoS attacks on Spamhaus… https://www.virusbulletin.com/blog/2013/04/dutchman-arrested-spain-ddos-attacks-spamhaus/

Correction to VBSpam results

Spamhaus and SURBL results re-evaluated.
Spamhaus and SURBL results re-evaluated. The most recent VBSpam results incorrectly stated that SURBL failed to detect a blacklisted URL in any of the emails in the Wombat feed of… https://www.virusbulletin.com/blog/2012/11/correction-vbspam-results/

Dutch ISP sues Spamhaus for 'extortion'

Blacklist entries 'unfair and illegal'.
Blacklist entries 'unfair and illegal'. Dutch ISP A2B Internet has sued The Spamhaus Project, claiming the project unfairly blacklisted its IP range. A2B provides the upstream… https://www.virusbulletin.com/blog/2011/10/dutch-isp-sues-spamhaus-extortion/

Bulletproof hosting firm claims legitimacy

Crime-laden Russian service threatens to sue detractors.
Crime-laden Russian service threatens to sue detractors. A notorious Russian firm offering 'bulletproof hosting' - website hosting services with a guarantee that sites will not be… https://www.virusbulletin.com/blog/2007/10/bulletproof-hosting-firm-claims-legitimacy/

Spamhaus $11 million fine thrown out

Appeal court quashes earlier e360 compensation ruling.
Appeal court quashes earlier e360 compensation ruling. Anti-spam operation Spamhaus, previously ordered to pay $11 million to mass-mailing firm e360 Insight after refusing to… https://www.virusbulletin.com/blog/2007/09/spamhaus-11-million-fine-thrown-out/

Spoof Spamhaus ads spammed out

Mail campaign claims to promote spam fighters.
Mail campaign claims to promote spam fighters. Spam-fighting organisation Spamhaus has been subjected to an attack on its reputation this week, with a sizeable campaign of spams… https://www.virusbulletin.com/blog/2007/07/spoof-spamhaus-ads-spammed-out/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.