VB Blog

VB2017 paper and update: Browser attack points still abused by banking trojans

Posted by Martijn Grooten on Jul 25, 2018

At VB2017, ESET researchers Peter Kálnai and Michal Poslušný looked at how banking malware interacts with browsers. Today we publish their paper, share the video of their presentation, and also publish a guest blog post from Peter, in which he summarises the recent developments in this space.

Posted by Martijn Grooten on Jul 16, 2018

It is likely that, by now, everyone in computer science has at least heard of the Spectre attack, and many excellent explanations of the attack already exist. But what is the likelihood of finding Spectre being exploited on Android smartphones?

Posted by Martijn Grooten on Jul 11, 2018

We are excited to announce several more companies that have partnered with VB2018.

Posted by Martijn Grooten on Jul 10, 2018

A new malware campaign that uses two stolen code-signing certificates shows that such certificates continue to be popular among malware authors. But there is a positive side to malware authors' use of stolen certificates.

Posted by Martijn Grooten on Jul 6, 2018

Though the location will remain under wraps for a few more months, we are pleased to announce the dates for VB2019, the 29th Virus Bulletin International Conference.

Posted by Martijn Grooten on Jul 6, 2018

The operators of the Necurs botnet, best known for being one of the most prolific spam botnets of the past few years, have pushed out updates to its client, which provide some important lessons about why malware infections matter.

Posted by Martijn Grooten on Jul 3, 2018

Virus Bulletin has opened nominations for the fifth annual Péter Szőr Award, for the best piece of technical security research published between 1 July 2017 and 30 June 2018.

Posted by Martijn Grooten on Jul 3, 2018

Security researcher Matt Nelson has discovered how .SettingContent-ms files can be embedded into Office files to deliver malware.

Posted by Martijn Grooten on Jun 26, 2018

The New York Times reports that smart home devices are increasingly used in cases of domestic abuse.

Posted by Martijn Grooten on Jun 25, 2018

If you want to come to VB2018 in Montreal this year (and why wouldn't you?) and want to save a bit on the ticket price (and why wouldn't you?), remember that early bird discounts will be available until 30 June.

Previous1...1920212223...215Next

Search blog

Compromised Yahoo! accounts continue to spread Android malware

Problem likely to be on Yahoo!'s side.
Problem likely to be on Yahoo!'s side. In recent weeks, we have noticed an uptick in the amount of spam sent from compromised Yahoo! accounts; we have reasons to believe the… https://www.virusbulletin.com/blog/2013/06/compromised-yahoo-accounts-continue-spread-android-malware/

AV Test releases Android test data

30 mobile solutions tested for malware protection and speed hit.
30 mobile solutions tested for malware protection and speed hit. Independent test organization AV-Test has released its latest report, covering the Andriod platform. This major… https://www.virusbulletin.com/blog/2013/06/av-test-releases-android-test-data/

India believed to be source of sophisticated surveillance campaigns

In-depth investigations find widespread worldwide snooping, Pakistan primary target.
In-depth investigations find widespread worldwide snooping, Pakistan primary target. Several reports have emerged recently covering a highly organised campaign of targeted… https://www.virusbulletin.com/blog/2013/05/india-believed-be-source-sophisticated-surveillance-campaigns/

Commoditization increasingly seen in mobile malware

Number of malicious samples and families increase, as Android remains most popular mobile platform.
Number of malicious samples and families increase, as Android remains most popular mobile platform. As the number of mobile malware samples in existence continues to grow faster… https://www.virusbulletin.com/blog/2013/05/commoditization-increasingly-seen-mobile-malware/

Program turns anti-analysis tools against the malware

Users cautioned to be wary of a false sense of security.
Users cautioned to be wary of a false sense of security. Could you defeat VM-aware malware by making your system aware of VM-aware malware? Tricks to frustrate researchers and… https://www.virusbulletin.com/blog/2013/05/program-turns-anti-analysis-tools-against-malware/

Flame worm one of the most complex threats ever discovered

Malware possibly used for cyber-espionage.
Malware possibly used for cyber-espionage. The jury is out on whether 'Flame' (also known as 'Flamer' or 'Skywiper') is 'the most lethal cyberweapon to date' as some have claimed,… https://www.virusbulletin.com/blog/2012/05/flame-worm-one-most-complex-threats-ever-discovered/

FBI warns against malware installed via hotel networks

Malware poses as fake update of popular software.
Malware poses as fake update of popular software. The FBI has warned travellers against fake software updates served through hotel connections which actually attempt to install… https://www.virusbulletin.com/blog/2012/05/fbi-warns-against-malware-installed-hotel-networks/

Android malware served via compromised websites

Malware downloaded automatically, but requires user permission to be installed.
Malware downloaded automatically, but requires user permission to be installed. Researchers at mobile security company Lookout have discovered a number of compromised websites that… https://www.virusbulletin.com/blog/2012/05/android-malware-served-compromised-websites/

Significant rise in malicious spam and phishing

Over one quarter of malicious emails contain eight-year-old malware.
Over one quarter of malicious emails contain eight-year-old malware. Email security firm eleven has reported a significant rise in both malicious emails and phishing emails in the… https://www.virusbulletin.com/blog/2012/04/significant-rise-malicious-spam-and-phishing/

New Zeus/SpyEye botnet does away with command-and-control servers

Increasing use of UDP to avoid communication tracking.
Increasing use of UDP to avoid communication tracking. Researchers at Symantec have discovered a new parallel build of Zeus (also known as Zbot) and SpyEye that appears to be… https://www.virusbulletin.com/blog/2012/02/new-zeus-spyeye-botnet-does-away-command-and-control-servers/

Sykipot trojan used to target smart cards

Defence companies among small number of targets.
Defence companies among small number of targets. Researchers at Alienvault have discovered a version of the 'Sykipot' trojan that is being used to target organisations that make… https://www.virusbulletin.com/blog/2012/01/sykipot-trojan-used-target-smart-cards/

'Largest takedown ever' sees six arrested

Millions made through 'DNSChanger' malware.
Millions made through 'DNSChanger' malware. Six Estonian nationals have been arrested for taking part in a cybercrime ring that made money through DNS-changing malware that had… https://www.virusbulletin.com/blog/2011/11/largest-takedown-ever-sees-six-arrested/

Government trojan found on German computers

Four states admit the use of spyware.
Four states admit the use of spyware. Controversy has arisen in Germany, after the well-known CCC hacker group reported that it had found a trojan that was used to spy on behalf of… https://www.virusbulletin.com/blog/2011/10/government-trojan-found-german-computers/

VB conference hashtag used to spread malware

Tweet promising conference news links to trojan.
Tweet promising conference news links to trojan. A tweet using the #vb2011 hashtag, which was used in numerous tweets referring to last week's VB2011 conference, contained a link… https://www.virusbulletin.com/blog/2011/10/vb-conference-hashtag-used-spread-malware/

Alureon trojan uses steganography to receive commands

Messages hidden inside images create extra layer of redundancy.
Messages hidden inside images create extra layer of redundancy. Researchers at Microsoft have discovered a new variant of the 'Alureon' trojan that uses steganography to make… https://www.virusbulletin.com/blog/2011/09/alureon-trojan-uses-steganography-receive-commands/

Malicious spam campaigns leave experts puzzled

Increase in malware in spam has not led to increase in malicious activity.
Increase in malware in spam has not led to increase in malicious activity. Security researchers have noticed a significant increase in the quantity of spam sent with malicious… https://www.virusbulletin.com/blog/2011/09/malicious-spam-campaigns-leave-experts-puzzled/

Banking malware tells user to 'refund' money

Web injection used to suggest accidental transfer.
Web injection used to suggest accidental transfer. In a new twist to banking trojans, a piece of malware found on German computers tricks victims into believing a large amount has… https://www.virusbulletin.com/blog/2011/08/banking-malware-tells-user-refund-money/

Malicious PHP script hides bad stuff inside 'white-space'

Spaces and tabs used to encode into binary.
Spaces and tabs used to encode into binary. Researchers at Kaspersky have discovered a malicious PHP script that uses an inventive way to obfuscate its malicious behaviour. The… https://www.virusbulletin.com/blog/2011/06/malicious-php-script-hides-bad-stuff-inside-white-space/

Facebook scam serving malware

Attack targeting Windows and Mac users in US and UK.
Attack targeting Windows and Mac users in US and UK. A Facebook scam that is doing the rounds at the moment - claiming to contain a 'freaky video' related to the ongoing case… https://www.virusbulletin.com/blog/2011/06/facebook-scam-serving-malware/

Canada new hotbed for cybercriminal activity

Country's IP addresses less likely to be scrutinized.
Country's IP addresses less likely to be scrutinized. Security firm Websense has reported a significant increase in cybercrime originating in Canada. Hitherto, Canada and… https://www.virusbulletin.com/blog/2011/05/canada-new-hotbed-cybercriminal-activity/

« Previous 1234567 Next »