VB Blog

VB2017 preview: Beyond lexical and PDNS (guest blog)

Posted by Virus Bulletin on Oct 5, 2017

In a special guest blog post, VB2017 Silver sponsor Cisco Umbrella writes about a paper that researchers Dhia Mahjoub and David Rodriguez will present at the conference this Friday.

Posted by Martijn Grooten on Oct 2, 2017

The recently discovered malicious CCleaner version has become one of the biggest security stories of 2017. Two researchers from Avast, the company that had recently acquired CCleaner developer Piriform, will share the results of their investigations at VB2017 in Madrid this week.

Posted by Martijn Grooten on Oct 2, 2017

We preview the VB2017 paper by Kaspersky Lab researchers Juan Andrés Guerrero-Saade and Costin Raiu on fourth-party collection and its implications for attack attribution.

Posted by Martijn Grooten on Sep 29, 2017

We preview Patrick Wardle's VB2017 paper, in which the Synack researcher analyses the mysterious OSX/FruitFly malware by setting up a custom C&C server.

Posted by Martijn Grooten on Sep 28, 2017

More than 50 security industry experts will present conference papers to their peers at VB2017 next week, and there are several papers on the programme with a certain newsworthiness. There is still time for cybersecurity journalists to apply for a press pass.

Posted by Martijn Grooten on Sep 25, 2017

We preview the VB2017 paper by Dhia Mahjoub (OpenDNS) and Jason Passwaters (Intel471) who combine an actor-centric and a network-centric approach to analysing bulletproof hosting operations.

Posted by Martijn Grooten on Sep 22, 2017

As has become tradition, VB2017 will once again see a security industry table football tournament. Register your team now for some great fun and adrenaline-filled matches in between sessions in Madrid!

Posted by Martijn Grooten on Sep 21, 2017

Greater Manchester Police is one of many organizations still running Windows XP on some of its systems. This is bad practice, but the case against running XP is far more subtle than we often pretend it is.

Posted by Martijn Grooten on Sep 21, 2017

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.

Posted by Virus Bulletin on Sep 20, 2017

Activity monitoring by security products in general, and HTTPS traffic inspection in particular, are sensitive issues in the security community. There is a time and a place for them, VB's Martijn Grooten argues, but only when they are done right.

Previous1...2930313233...215Next

Search blog

New peer-to-peer botnet discovered

New botnet shares fast flux DNS and other similarities with Storm and Waledac.
New botnet shares fast flux DNS and other similarities with Storm and Waledac. In the last few days of 2010, security researchers discovered a new botnet that shares many… https://www.virusbulletin.com/blog/2011/01/new-peer-peer-botnet-discovered/

Valentine's lures lead to infection

Predicted spate of romance hooks under way.
Predicted spate of romance hooks under way. After numerous security watchers predicted a barrage of phishing and malware attacks associated with Valentine's Day this week, the… https://www.virusbulletin.com/blog/2009/02/valentine-s-lures-lead-infection/

Researchers crack into Storm botnet

Comms channels decrypted, automated removal possible.
Comms channels decrypted, automated removal possible. A group of German academics claim to have deciphered communications protocols used by the infamous 'Storm' botnet, allowing… https://www.virusbulletin.com/blog/2009/01/researchers-crack-storm-botnet/

Riders on a Storm

Researchers hijack botnet - and find spam success rates lower than previously believed.
Researchers hijack botnet - and find spam success rates lower than previously believed. Less than 1 in 12 million spam emails sent through the infamous Storm botnet led to a… https://www.virusbulletin.com/blog/2008/11/riders-storm/

Storm mails bring spoof World War 3 news

US-Iran war story used as hook for malware barrage.
US-Iran war story used as hook for malware barrage. The Storm botnet has been spamming in force again in the past week, with its expected run targeting 4th of July celebrations in… https://www.virusbulletin.com/blog/2008/07/storm-mails-bring-spoof-world-war-3-news/

'Kraken' monster botnet causing controversy

As latest botnet scare debated, Storm keeps on blowing.
As latest botnet scare debated, Storm keeps on blowing. Recent reports of a massive botnet, apparently sneaking its trojans past security software and far outnumbering better-known… https://www.virusbulletin.com/blog/2008/04/kraken-monster-botnet-causing-controversy/

HP ships infected USB keys

Autorun worms found on batch of server setup devices.
Autorun worms found on batch of server setup devices. A batch of USB thumb drives containing software intended to assist in the setup of servers have been found to contain some… https://www.virusbulletin.com/blog/2008/04/hp-ships-infected-usb-keys/

Google Groups and Blogspot used to serve malware

Company finds own IP address to be serving most malware.
Company finds own IP address to be serving most malware.Malware writers have created thousands of Google Groups with the sole purpose of serving malware, Sunbelt reports. On the… https://www.virusbulletin.com/blog/2008/04/google-groups-and-blogspot-used-serve-malware/

April Storm

April Fools' Day emails contain new variant of infamous worm.
April Fools' Day emails contain new variant of infamous worm. Security researchers report a new wave of spam emails being sent out. The emails, which use subject lines such as… https://www.virusbulletin.com/blog/2008/04/april-storm/

Storm Valentines run under way

Seasonal spam and malware barrage gets going.
Seasonal spam and malware barrage gets going. The expected run of 'Storm' spams, pushing links to their latest line of malware disguised as Valentine's messages, has begun, with… https://www.virusbulletin.com/blog/2008/02/storm-valentines-run-under-way/

Stormy love letters

Storm botnet celebrates birthday with new wave of spam.
Storm botnet celebrates birthday with new wave of spam. Earlier this week malware experts warned of likely increased activity of the Storm botnet around Valentine's Day next month.… https://www.virusbulletin.com/blog/2008/01/stormy-love-letters/

Phishing danger increases as Storm botnet is hired out

Smart new trojan and Storm diversification add to online banking risk.
Smart new trojan and Storm diversification add to online banking risk. The dangers of banking online grew significantly in past weeks, as portions of the ever-expanding Storm… https://www.virusbulletin.com/blog/2008/01/phishing-danger-increases-storm-botnet-hired-out/

Usual fare for holiday season

Storm ecards and social site spyware mark unsurprising year end.
Storm ecards and social site spyware mark unsurprising year end. With large portions of the globe celebrating various festivals over the past few weeks, an expected upsurge in… https://www.virusbulletin.com/blog/2008/01/usual-fare-holiday-season/

Russian Business Network leaves Russia

Leading cybercrime hosting hub moves business to fresh pastures.
Leading cybercrime hosting hub moves business to fresh pastures. The notorious Russian Business Network (RBN), recently making headlines for the massive amounts of malicious and… https://www.virusbulletin.com/blog/2007/11/russian-business-network-leaves-russia/

Storm spams promise spooky Halloween

Tricks not treats as skeleton game emails link to attack.
Tricks not treats as skeleton game emails link to attack. The 'Storm' attack has once again taken advantage of a popular cultural occasion to spam out the latest wave of links to… https://www.virusbulletin.com/blog/2007/10/storm-spams-promise-spooky-halloween/

Storm botnet evolution hints at spam and DDoS renting

Latest change in tactics could mean zombie clusters for hire.
Latest change in tactics could mean zombie clusters for hire. The latest twist in the long-running 'Storm' saga, the use of encryption in communications between infected hosts and… https://www.virusbulletin.com/blog/2007/10/storm-botnet-evolution-hints-spam-and-ddos-renting/

Storm attack strikes back

Cute kitten cards cover latest wave of malware.
Cute kitten cards cover latest wave of malware. The Storm attack has returned with yet another wave of blended attacks, with links to the drive-by download sites of the initial… https://www.virusbulletin.com/blog/2007/10/storm-attack-strikes-back/

Storm DDoS hits anti-scam sites

419 fighters attacked - NFL and TOR latest spam hooks.
419 fighters attacked - NFL and TOR latest spam hooks. The massive botnet amassed by the 'Storm' (Zhelatin/Nuwar/Dorf/etc.) attack continues to target new victims, with the TOR… https://www.virusbulletin.com/blog/2007/09/storm-ddos-hits-anti-scam-sites/

YouTube latest Storm hook

Fake video links aim to pull in yet more victims.
Fake video links aim to pull in yet more victims. The never-ending stream of 'Storm' attacks continued over the weekend with a new tactic - the latest spammed email campaign… https://www.virusbulletin.com/blog/2007/08/youtube-latest-storm-hook/

Latest Storm barrage offers site memberships

New tactic provides logins to special-interest sites.
New tactic provides logins to special-interest sites. The 'Storm' attack has changed tactic yet again, with the latest set of spams providing login details to a wide selection of… https://www.virusbulletin.com/blog/2007/08/latest-storm-barrage-offers-site-memberships/

« Previous 12 Next »