VB Blog

New article: Dissecting the design and vulnerabilities in AZORult C&C panels

Posted by   Virus Bulletin on   Apr 7, 2021

In a new article, Aditya K Sood looks at the command-and-control (C&C) design of the AZORult malware, discussing his team's findings related to the C&C design and some security issues they identified.

Read more  

VB2021 localhost call for papers: a great opportunity

Posted by   Virus Bulletin on   Mar 17, 2021

VB2021 localhost presents an exciting opportunity to share your research with an even wider cross section of the IT security community around the world than usual, without having to take time out of your work schedule (or budget) to travel.

Read more  

New article: Excel Formula/Macro in .xlsb?

Posted by   Virus Bulletin on   Mar 2, 2021

In a follow-up to an article published last week, Kurt Natvig takes us through the analysis of a new malicious sample using the .xlsb file format.

Read more  

New article: Decompiling Excel Formula (XF) 4.0 malware

Posted by   Virus Bulletin on   Feb 23, 2021

In a new article, researcher Kurt Natvig takes a close look at XF 4.0 malware.

Read more  

The Bagsu banker case - presentation

Posted by   Virus Bulletin on   Jan 29, 2021

At VB2019, CSIS researcher Benoît Ancel spoke about a quiet banking trojan actor that has been targeting German users since at least 2014.

Read more  

VB2021 call for papers - now open, to all!

Posted by   Virus Bulletin on   Jan 19, 2021

The call for papers for VB2021 is now open and we want to hear from you - we're planning for flexible presentation formats, so everyone is encouraged to submit, regardless of whether or not you know at this stage whether you'll be able to travel to Prague!

Read more  

In memoriam: Yonathan Klijnsma

Posted by   Virus Bulletin on   Jan 11, 2021

We were very sorry to learn of the passing of researcher Yonathan Klijnsma last week. Here, former VB Editor Martijn Grooten shares his memories of a talented researcher and a very kind person: this month, infosec lost a really good one.

Read more  

VB2020 localhost videos available on YouTube

Posted by   Virus Bulletin on   Jan 8, 2021

VB has made all VB2020 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

Read more  

VB2020 presentation & paper: 2030: backcasting the potential rise and fall of cyber threat intelligence

Posted by   Virus Bulletin on   Dec 8, 2020

At VB2020 localhost, threat intelligence consultant Jamie Collier used the analytical technique of backcasting to look at the rise and fall of the cyber threat intelligence industry.

Read more  

VB2020 presentation: Behind the Black Mirror: simulating attacks with mock C2 servers

Posted by   Virus Bulletin on   Dec 4, 2020

At VB2020 localhost, Carbon Black's Scott Knight presented an approach he and his colleagues have taken to more realistically simulate malware attacks.

Read more  
Previous1234567...215Next

Search blog

VB2017 paper: Exploring the virtual worlds of advergaming

At VB2017 in Madrid, Malwarebytes' Chris Boyd presented a paper in which he looked at various aspects of advergaming, from unreadable EULAs to fake programs that promise to block ads. Today, we publish both the paper and the recording of Chris's presentat…
At VB2016 in Denver, Malwarebytes researchers Jérôme Segura and Chris Boyd presented a paper on malicious advertising, or malvertising. At the end of the paper, as they looked at… https://www.virusbulletin.com/blog/2018/04/vb2017-paper-exploring-virtual-worlds-advergaming/

VB2016 paper: Uncovering the secrets of malvertising

Malicious advertising, a.k.a. malvertising, has evolved tremendously over the past few years to take a central place in some of today’s largest web-based attacks. It is by far the tool of choice for attackers to reach the masses but also to target them wi…
In his VB2014 paper, Bromium researcher Vadim Kotov sketched the possibilities for malicious actors to use web ads to spread exploit kits. Unsurprisingly, malicious actors also… https://www.virusbulletin.com/blog/2017/may/vb2016-paper-uncovering-secrets-malvertising/

VB2016 preview: Uncovering the Secrets of Malvertising

Malvertising, in which legitimate ad networks are abused to silently infect users with malware, has become a real plague in recent years. A VB2016 paper by Malwarebytes researchers Jérôme Segura and Chris Boyd will look at the issue.
Two years ago, at VB2014, Bromium researcher Vadim Kotov presented a paper in which he looked at various possibilities for cybercriminals to leverage ad networks to spread… https://www.virusbulletin.com/blog/2016/september/vb2016-preview-uncovering-secrets-malvertising/

Advertisements on Blogspot sites lead to support scam

Support scam pop-ups presented through malicious advertisements show that, next to vulnerable end points, gullible users remain an easy source of money for online criminals.
In our research for the VBWeb tests, in which we measure the ability of security products to block malicious web traffic, we recently noticed some sites hosted on Google's… https://www.virusbulletin.com/blog/2016/05/advertisements-blogspot-sites-lead-support-scam/

Let's Encrypt certificate used in malversiting

We'd better get used to a world where malicious traffic is encrypted too.
We'd better get used to a world where malicious traffic is encrypted too. According to some people, myself included, Let's Encrypt was one of the best things that happened to the… https://www.virusbulletin.com/blog/2016/01/let-s-encrypt-certificate-used-malversiting/

Adobe to patch Flash Player zero-day next week

Patch due next week as malvertising leads to Bedep trojan downloader.
Patch due next week as malvertising leads to Bedep trojan downloader. As the news of a zero-day vulnerability in Adobe's Flash Player actively being exploited reached the security… https://www.virusbulletin.com/blog/2015/01/adobe-patch-flash-player-zero-day-next-week/

VB2014 paper: Optimized mal-ops. Hack the ad network like a boss

Why buying ad space makes perfect sense for those wanting to spread malware.
Why buying ad space makes perfect sense for those wanting to spread malware.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the… https://www.virusbulletin.com/blog/2014/11/paper-optimized-mal-ops-hack-ad-network-boss/

Malicious ads served on java.com

If you do need to run plug-ins, make sure you enable click-to-play.
If you do need to run plug-ins, make sure you enable click-to-play. Last week, we published a blog previewing the VB2014 paper 'Optimized mal-ops. Hack the ad network like a boss'… https://www.virusbulletin.com/blog/2014/08/malicious-ads-served-java-com/

VB2014 preview: Optimized mal-ops. Hack the ad network like a boss

Researchers Vadim Kotov and Rahul Kashyap to discuss how advertisements are the new exploit kits.
Researchers Vadim Kotov and Rahul Kashyap to discuss how advertisements are the new exploit kits.In the weeks running up to VB2014 (the 24th Virus Bulletin International… https://www.virusbulletin.com/blog/2014/08/preview-optimized-mal-ops-hack-ad-network-boss/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.