VB Blog

Stalkerware poses particular challenges to anti-virus products

Posted by   Martijn Grooten on   Oct 31, 2019

Malware used in domestic abuse situations is a growing threat, and the standard way for anti-virus products to handle such malware may not be good enough. But that doesn't mean there isn't an important role for anti-virus to play.

Read more  

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

Posted by   Martijn Grooten on   Oct 28, 2019

Today we publish the VB2019 paper by RiskIQ researcher Yonathan Klijnsma, who looked at the Magecart web-skimming attacks.

Read more  

VB2019 videos: partner presentations

Posted by   Martijn Grooten on   Oct 25, 2019

Today, we publish the videos of the VB2019 partner presentations by Michael Maltsev (Reason Cybersecurity) on webcam interception and protection, and by Jean-Ian Boutin and Anton Cherepanov (ESET) on the Buhtrap group.

Read more  

VB tests the web security products that play an important role in fending off web-based threats

Posted by   Martijn Grooten on   Oct 24, 2019

The web continues to be a major infection vector for malware and credential-stealing threats. In the VBWeb tests, we measure products' ability to block such threats and certify products that perform a good job at doing so.

Read more  

VB2019 papers: Emotet and Ryuk

Posted by   Martijn Grooten on   Oct 23, 2019

Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.

Read more  

Responsible madness?

Posted by   Virus Bulletin on   Oct 22, 2019

The debate on responsible disclosure is about as old as IT security itself. In a guest post for Virus Bulletin Robert Neumann suggests we need to reconsider a one-size-fits-all solution and instead look for a well-respected independent organization to handle security issues.

Read more  

VB2019 paper: Geost botnet. The story of the discovery of a new Android banking trojan from an OpSec error

Posted by   Martijn Grooten on   Oct 21, 2019

OpSec mistakes are what lead to many malware discoveries, and in the case of the Geost Android botnet the mistake was a really interesting one. Today we publish the VB2019 paper by Sebastian García, Maria Jose Erquiaga and Anna Shirokova on the Geost botnet, as well as the recording of Sebastian and Anna presenting their research in London.

Read more  

Analysis of malware responsible for sextortion spam that mines for Monero on the side

Posted by   Virus Bulletin on   Oct 14, 2019

VB2019 Platinum partner Reason Cybersecurity presents a threat analysis report on the Save Yourself malware.

Read more  

Guest blog: Threat intelligence – a unifying force of the future

Posted by   Virus Bulletin on   Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.

Read more  

Guest blog: Why we should be paying more attention to Linux threats

Posted by   Virus Bulletin on   Sep 25, 2019

In a guest blog post VB2019 Silver partner Intezer outlines the importance of paying attention to Linux threats.

Read more  
Previous1...89101112...215Next

Search blog

VB2019 papers: Emotet and Ryuk

Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.
Shinigami’s revenge: the long tail of the Ryuk malware Read the paper (HTML) Download the paper (PDF)   Exploring Emotet, an elaborate everyday enigma Read the paper… https://www.virusbulletin.com/blog/2019/10/vb2019-papers-emotet-and-ryuk/

VB2019 preview: Exploring Emotet, an elaborate everyday enigma

We preview the VB2019 paper by Sophos researcher Luca Nagy, who dives deeply into the notorious Emotet malware.
Active since 2014, initially as a banking trojan, Emotet has been a plague on the Internet in recent years. Emotet's core strength is its ability to download other malware, thus… https://www.virusbulletin.com/blog/2019/08/vb2019-preview-exploring-emotet-elaborate-everyday-enigma/

VB2018 paper: Office bugs on the rise

At VB2018 Sophos researcher Gábor Szappanos provided a detailed overview of Office exploit builders, and looked in particular at the widely exploited CVE-2017-0199. Today we publish his paper and release the video of his presentation.
A large portion of today's malware infections use malicious Office documents as a first-stage payload. Typically, the user is tricked into enabling macros or disabling some… https://www.virusbulletin.com/blog/2018/12/vb2018-paper-office-bugs-rise/

VB2018 video: Behind the scenes of the SamSam investigation

Today we have published the video of the VB2018 presentation by Andrew Brandt (Sophos) on the SamSam ransomware, which became hot news following the indictment of its two suspected authors yesterday.
Yesterday, a federal grand jury in the US unsealed an indictment charging two Iranians with being behind the SamSam ransomware. SamSam has been one of the most successful… https://www.virusbulletin.com/blog/2018/11/vb2018-video-behind-scenes-samsam-investigation/

Gábor Szappanos wins fourth Péter Szőr Award

At the VB2017 gala dinner, the fourth Péter Szőr Award was presented to Sophos researcher Gábor Szappanos for his paper "AKBuilder – the crowdsourced exploit kit".
Every year, during the Virus Bulletin Conference gala dinner, we celebrate the life and works of Péter Szőr, the brilliant security researcher who passed away so sadly in 2013. We… https://www.virusbulletin.com/blog/2017/10/gabor-szappanos-wins-fourth-peter-szor-award/

Paper: New Keylogger on the Block

In a new paper published by Virus Bulletin, Sophos researcher Gabor Szappanos takes a look at the KeyBase keylogger, sold as a commercial product and popular among cybercriminals who use it in Office exploit kits.
Keyloggers have long been a popular tool for cybercriminals, something made worse by the fact that many of them are sold commercially. Today, we publish a paper (here as a PDF)… https://www.virusbulletin.com/blog/2016/07/paper-new-keylogger-block/

VB2015 paper: Will Android Trojans, Worms or Rootkits Survive in SEAndroid and Containerization?

Sophos researchers Rowland Yu and William Lee look at whether recent security enhancements to Android, such as SEAndroid and containerization, will be enough to defeat future malware threats.
Google's Android operating system may have a bit of a bad reputation when it comes to security, but it's worth noting that recent versions of the operating system have been… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-will-android-trojans-worms-or-rootkits-survive-seandroid-and-containerization/

Sophos red flags Google Analytics

Popular analytics tool mistakenly flagged as 'high risk'.
Popular analytics tool mistakenly flagged as 'high risk'. Security firm Sophos had an embarrassing moment this morning when its scanner flagged Google Analytics as malicious.… https://www.virusbulletin.com/blog/2011/06/sophos-red-flags-google-analytics/

Sophos joins free home AV crowd with Mac release

Business-focused firm takes first step into home-user arena.
Business-focused firm takes first step into home-user arena.Sophos has announced the release of a home-user edition of its Mac anti-malware solution, which is being given away free… https://www.virusbulletin.com/blog/2010/11/sophos-joins-free-home-av-crowd-mac-release/

Sophos bought up by investment firm

APAX Partners acquires major stake in $830 million company.
APAX Partners acquires major stake in $830 million company.Sophos has announced that a majority share of the company will be sold to major private investment firm APAX Partners, in… https://www.virusbulletin.com/blog/2010/05/sophos-bought-investment-firm/

AV protection free for aliens

Klingon language scanner given away.
Klingon language scanner given away. After last summer saw malware making its way into space, it seemed like only a matter of time before alien races would need protection from the… https://www.virusbulletin.com/blog/2009/05/av-protection-free-aliens/

Tough weekend for AV giants as FPs and DNS issues hit

Trend false alert cripples users' systems, Sophos sites taken out by DNS mixup.
Trend false alert cripples users' systems, Sophos sites taken out by DNS mixup. Two of the larger security firms, Trend Micro and Sophos, had a busy weekend cleaning up after… https://www.virusbulletin.com/blog/2008/09/tough-weekend-av-giants-fps-and-dns-issues-hit/

Sophos makes move to buy Utimaco

€217 million bid launched for encryption specialist.
€217 million bid launched for encryption specialist. Security light-heavyweight Sophos has issued official notice of its intention to buy German encryption firm Utimaco, in a share… https://www.virusbulletin.com/blog/2008/07/sophos-makes-move-buy-utimaco/

41 months plus hefty fine for botherder

Cross-border operation brings adware crook to book.
Cross-border operation brings adware crook to book. A Florida man has been sentenced to 41 months in prison and fined $65,000 (approx. £32,000) after implanting bot software on… https://www.virusbulletin.com/blog/2008/06/41-months-plus-hefty-fine-botherder/

Almost half of users think virus-writing contests are a good idea

Shocking survey results disappoint security experts.
Shocking survey results disappoint security experts. Nearly half of the respondents in a Virus Bulletin poll said they thought that virus-writing contests are a useful way of… https://www.virusbulletin.com/blog/2008/05/almost-half-users-think-virus-writing-contests-are-good-idea/

Sophos announces plans to float

Listing on London Stock Exchange expected soon.
Listing on London Stock Exchange expected soon. The long-anticipated floatation of Sophos, one of the biggest privately owned security firms, has been announced this week, with the… https://www.virusbulletin.com/blog/2007/11/sophos-announces-plans-float/

Minor flaws patched in Sophos AV

Security vulnerabilities found and fixed.
Security vulnerabilities found and fixed. Two separate flaws have been reported in Sophos's anti-virus engine, affecting most of its product range and allowing security bypass and… https://www.virusbulletin.com/blog/2007/09/minor-flaws-patched-sophos-av/

Phish poses as Sophos malware alert

Fake security alarm lures users to spoofed site.
Fake security alarm lures users to spoofed site. A phishing email recently spammed out uses the name of security firm Sophos to lend credence to a fake malware alert, designed to… https://www.virusbulletin.com/blog/2007/08/phish-poses-sophos-malware-alert/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.