VB Blog

VBSpam tests to be executed under the AMTSO framework

Posted by   Virus Bulletin on   Jun 24, 2024

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

Read more  

In memoriam: Prof. Ross Anderson

Posted by   Virus Bulletin on   Apr 2, 2024

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

Read more  

In memoriam: Dr Alan Solomon

Posted by   Virus Bulletin on   Feb 14, 2024

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

Read more  

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

Posted by   Virus Bulletin on   Oct 12, 2023

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

Read more  

New paper: Collector-stealer: a Russian origin credential and information extractor

Posted by   Virus Bulletin on   Dec 8, 2021

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

Read more  

VB2021 localhost videos available on YouTube

Posted by   Virus Bulletin on   Nov 4, 2021

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

Read more  

VB2021 localhost is over, but the content is still available to view!

Posted by   Virus Bulletin on   Oct 11, 2021

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

Read more  

VB2021 localhost call for last-minute papers

Posted by   Virus Bulletin on   Aug 2, 2021

The call for last-minute papers for VB2021 localhost is now open. Submit before 20 August to have your paper considered for one of the slots reserved for 'hot' research!

Read more  

New article: Run your malicious VBA macros anywhere!

Posted by   Virus Bulletin on   Apr 21, 2021

Kurt Natvig explains how he recompiled malicious VBA macro code to valid harmless Python 3.x code.

Read more  

New article: Dissecting the design and vulnerabilities in AZORult C&C panels

Posted by   Virus Bulletin on   Apr 7, 2021

In a new article, Aditya K Sood looks at the command-and-control (C&C) design of the AZORult malware, discussing his team's findings related to the C&C design and some security issues they identified.

Read more  
Previous1234567...215Next

Search blog

VB2016 paper: Modern attacks on Russian financial institutions

Today, we publish the VB2016 paper and presentation (recording) by ESET researchers Jean-Ian Boutin and Anton Cherepanov, in which they look at sophisticated attacks against Russian financial institutions.
Today, we publish the VB2016 paper "Modern attacks on Russian financial institutions" (here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton… https://www.virusbulletin.com/blog/2016/december/vb2016-paper-modern-attacks-russian-financial-institutions/

Grum botnet's command-and-control servers shut down

Spam-sending botnet believed to be third largest in the world.
Spam-sending botnet believed to be third largest in the world. International co-operation between a number of parties has led to all command-and-control servers of the 'Grum'… https://www.virusbulletin.com/blog/2012/07/grum-botnet-s-command-and-control-servers-shut-down/

Cybercriminals frustrated with botnet trackers

Drastic measures discussed by users of online forum.
Drastic measures discussed by users of online forum. Russian cybercriminals are willing to go to great lengths to frustrate services that hinder botnets created with the ZeuS and… https://www.virusbulletin.com/blog/2011/03/cybercriminals-frustrated-botnet-trackers/

Spammers move from China to Russia

Stricter rules on registering .cn domains leads to increase in malicious .ru domains.
Stricter rules on registering .cn domains leads to increase in malicious .ru domains. A change in the rules of the organization responsible for registering .cn domains has resulted… https://www.virusbulletin.com/blog/2010/02/spammers-move-china-russia/

Russian Business Network leaves Russia

Leading cybercrime hosting hub moves business to fresh pastures.
Leading cybercrime hosting hub moves business to fresh pastures. The notorious Russian Business Network (RBN), recently making headlines for the massive amounts of malicious and… https://www.virusbulletin.com/blog/2007/11/russian-business-network-leaves-russia/

St. Petersburg US Consulate website hacked

Malware served by official government site.
Malware served by official government site. Web-watchers at Sophos have reported spotting malware hosted on the website of the US Consulate in St. Petersburg, using obfuscated… https://www.virusbulletin.com/blog/2007/09/st-petersburg-us-consulate-website-hacked/

Estonian websites suffer wave of DoS attacks

Baltic republic accuses Russia of cyber-warfare.
Baltic republic accuses Russia of cyber-warfare. A wave of denial of service (DoS) attacks on Estonian websites has prompted the Estonian government to accuse its neighbour of… https://www.virusbulletin.com/blog/2007/05/estonian-websites-suffer-wave-dos-attacks/

DoS attacks support political unrest

Estonia rioting backed up by attacks on government websites.
Estonia rioting backed up by attacks on government websites. Severe rioting in Estonia, sparked by anger over the removal of a Russian monument from a prominent war memorial, has… https://www.virusbulletin.com/blog/2007/05/dos-attacks-support-political-unrest/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.