VB Blog

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by Martijn Grooten on Nov 29, 2017

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Posted by Martijn Grooten on Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Posted by Martijn Grooten on Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Posted by Martijn Grooten on Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Posted by Martijn Grooten on Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Posted by Martijn Grooten on Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Posted by Martijn Grooten on Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Posted by Martijn Grooten on Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Posted by Martijn Grooten on Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Previous1...2728293031...215Next

Search blog

Ransom trojan demands Windows re-activation

Criminals make money through calls to supposedly free phone number.
Criminals make money through calls to supposedly free phone number. A new piece of ransomware has been discovered that shows the PC user a blue screen and asks them to re-activate… https://www.virusbulletin.com/blog/2011/04/ransom-trojan-demands-windows-re-activation/

Android SMS trojan goes wild

Premium-rate text scam shows growing cracks in smart phone security.
Premium-rate text scam shows growing cracks in smart phone security. The first known SMS trojan affecting smart phones running Google's Android operating system has been observed… https://www.virusbulletin.com/blog/2010/08/android-sms-trojan-goes-wild/

AV-Comparatives publishes malware removal test

16 products challenged to remove selection of tricky infections.
16 products challenged to remove selection of tricky infections. Independent testing body AV-Comparatives has published its latest set of test results, a comparison of how well… https://www.virusbulletin.com/blog/2009/10/av-comparatives-publishes-malware-removal-test/

AMTSO members summit covers controversial issues

Expert body gets to grips with string of difficult subjects.
Expert body gets to grips with string of difficult subjects. A meeting of the Anti-Malware Testing Standards Organisation (AMTSO) took place this week, with leading experts from… https://www.virusbulletin.com/blog/2009/10/amtso-members-summit-covers-controversial-issues/

Rogue AV claims to send money to environmental causes

'Green AV' best added to blacklist to avoid red faces.
'Green AV' best added to blacklist to avoid red faces. In an attempt to lure users into buying it, the rogue anti-malware product Green AV claims to send US$2 per purchased product… https://www.virusbulletin.com/blog/2009/09/rogue-av-claims-send-money-environmental-causes/

Anti-Obama sentiments used in spam campaign

'DDoS software' turns out to be malware.
'DDoS software' turns out to be malware. In a new spam campaign users are being urged to participate in a DDoS attack on the website of American president Barack Obama in protest… https://www.virusbulletin.com/blog/2009/08/anti-obama-sentiments-used-spam-campaign/

Valentine's lures lead to infection

Predicted spate of romance hooks under way.
Predicted spate of romance hooks under way. After numerous security watchers predicted a barrage of phishing and malware attacks associated with Valentine's Day this week, the… https://www.virusbulletin.com/blog/2009/02/valentine-s-lures-lead-infection/

Google shows off in-house browser beta

Open-source 'Chrome' promises security as well as efficiency.
Open-source 'Chrome' promises security as well as efficiency. Ever-expanding web giant Google has released an early version of its own browser, developed in house but under… https://www.virusbulletin.com/blog/2008/09/google-shows-house-browser-beta/

Malware writing teacher revives old rows

College instructor claims to be fighting industry monopoly.
College instructor claims to be fighting industry monopoly. As announced to much controversy last year, a course in computer security at Sonoma State University, California, is… https://www.virusbulletin.com/blog/2008/08/malware-writing-teacher-revives-old-rows/

Trojan-to-worm automation tool spotted

GUI gizmo adds extra spreading menace to any malware.
GUI gizmo adds extra spreading menace to any malware. Researchers at Panda have discovered a simple and colourful graphical application designed to add basic worm techniques to… https://www.virusbulletin.com/blog/2008/06/trojan-worm-automation-tool-spotted/

Security experts gather in Europe

Anti-malware insights pooled at AMTSO, CARO and EICAR meetings.
Anti-malware insights pooled at AMTSO, CARO and EICAR meetings. Many of the world's leading anti-malware and security experts came together in the past week, at a string of… https://www.virusbulletin.com/blog/2008/05/security-experts-gather-europe/

China-Tibet row spills over into malware attacks

Both sides of debate targeted to spread malicious code.
Both sides of debate targeted to spread malicious code. With the political row over China's involvement in Tibet continuing to make the headlines, cybercriminals have been as quick… https://www.virusbulletin.com/blog/2008/04/china-tibet-row-spills-over-malware-attacks/

IE8 to include malware filtering

New features list includes upgrade to security provision.
New features list includes upgrade to security provision. The next version of Microsoft's Internet Explorer web browser, IE8, could include malware detection as standard, in an… https://www.virusbulletin.com/blog/2008/03/ie8-include-malware-filtering/

Showy malware pushes rogue anti-malware product

MonaRonaDona trojan leads searchers to remover scam.
MonaRonaDona trojan leads searchers to remover scam. An infection which advertises its presence using the name 'MonaRonaDona' is leading victims to search for a cure - and many of… https://www.virusbulletin.com/blog/2008/03/showy-malware-pushes-rogue-anti-malware-product/

Malware going local

Report sees trend toward greater localisation of threats.
Report sees trend toward greater localisation of threats.McAfee's latest Sage report focuses on increased localisation in malware, with spam, phishing and malcode all showing great… https://www.virusbulletin.com/blog/2008/02/malware-going-local/

Storm Valentines run under way

Seasonal spam and malware barrage gets going.
Seasonal spam and malware barrage gets going. The expected run of 'Storm' spams, pushing links to their latest line of malware disguised as Valentine's messages, has begun, with… https://www.virusbulletin.com/blog/2008/02/storm-valentines-run-under-way/

Fake security blogs lead to malware

Blogger sites play on fears to draw victims to porn, trojans.
Blogger sites play on fears to draw victims to porn, trojans. According to a report from Aladdin, numerous fake security blogs have been set up on the Google-owned Blogger blogging… https://www.virusbulletin.com/blog/2008/02/fake-security-blogs-lead-malware/

Malcode from Mexico and Africa predicted to boom

Developing world expected to contribute heavily to future cybercrime.
Developing world expected to contribute heavily to future cybercrime. A report from F-Secure has predicted increasing levels of malware creation and operation in 'developing'… https://www.virusbulletin.com/blog/2008/01/malcode-mexico-and-africa-predicted-boom/

Batch of Dutch MP3 players ships with malware

Worm included as unwanted extra for music lovers.
Worm included as unwanted extra for music lovers. A shipment of MP3 players sold in recent months by Dutch firm Victory has been found to be infected with the Fujacks worm, which… https://www.virusbulletin.com/blog/2008/01/batch-dutch-mp3-players-ships-malware/

Usual fare for holiday season

Storm ecards and social site spyware mark unsurprising year end.
Storm ecards and social site spyware mark unsurprising year end. With large portions of the globe celebrating various festivals over the past few weeks, an expected upsurge in… https://www.virusbulletin.com/blog/2008/01/usual-fare-holiday-season/

« Previous 1234567 Next »