VB Blog

Registration for VB2018 now open!

Posted by Martijn Grooten on May 8, 2018

Registration for VB2018, the 28th International Virus Bulletin conference, is now open, with an early bird rate available until 1 July.

Posted by Martijn Grooten on May 1, 2018

In April, VB's Martijn Grooten attended the RSA Expo in San Francisco. He shares his views on the expo and the industry.

Posted by Martijn Grooten on Apr 30, 2018

There are a number of security solutions on the market that are designed to increase the default protection provided by Office 365. One such product is the newly launched Kaspersky Security for Microsoft Office 365. Virus Bulletin was commissioned to measure the effectiveness of the Kaspersky product compared to the Office 365 baseline protection.

Posted by Martijn Grooten on Apr 27, 2018

The GravityRAT malware, discovered by Cisco Talos researchers, gives some interesting insight into modern malware development.

Posted by Martijn Grooten on Apr 25, 2018

A BGP hijack was used to take over some of Amazon's DNS infrastructure, which was then used to serve a phishing site to users of the MyEtherWallet service.

Posted by Martijn Grooten on Apr 24, 2018

Various security companies are offering security-focused routers. This is a good trend and may help mitigate a lot of the issues that come with the IoT.

Posted by Virus Bulletin on Apr 23, 2018

Most of the switch from IPv4 to IPv6 will happen seamlessly. But we cannot assume it won't introduce new security issues.

Posted by Martijn Grooten on Apr 19, 2018

Since their return four years ago, Office macros have been one of the most common ways to spread malware. Today, we publish a research paper which looks in detail at a campaign in which VBA macros are used to execute PowerShell code, which in turn downloads the Tesla information-stealing trojan.

Posted by Martijn Grooten on Apr 18, 2018

Within a few years, Android malware has grown from a relatively small threat to a huge problem involving more than three million new malware samples a year. Axelle Apvrille, one of the world's leading Android malware researchers, will deliver a workshop on Android reverse engineering at VB2018 in Montreal this October. Last year, Axelle presented a paper at VB2017 on some of the less common tools that can be used to reverse engineer Android malware. Today, we publish both the paper and the recording of Axelle's presentation.

Posted by Martijn Grooten on Apr 16, 2018

Compromised websites are being used to serve fake Flash Player uploads that come with a malicious payload.

Previous1...2122232425...215Next

Search blog

Storm mails bring spoof World War 3 news

US-Iran war story used as hook for malware barrage.
US-Iran war story used as hook for malware barrage. The Storm botnet has been spamming in force again in the past week, with its expected run targeting 4th of July celebrations in… https://www.virusbulletin.com/blog/2008/07/storm-mails-bring-spoof-world-war-3-news/

Macs under attack from trojan double whammy

Two new threats in a week spark worries of approaching Mac malware era.
Two new threats in a week spark worries of approaching Mac malware era. Users of Apple Mac systems, who have so far only suffered from minimal attention from malware creators, may… https://www.virusbulletin.com/blog/2008/06/macs-under-attack-trojan-double-whammy/

Trojan-to-worm automation tool spotted

GUI gizmo adds extra spreading menace to any malware.
GUI gizmo adds extra spreading menace to any malware. Researchers at Panda have discovered a simple and colourful graphical application designed to add basic worm techniques to… https://www.virusbulletin.com/blog/2008/06/trojan-worm-automation-tool-spotted/

File encryption blackmail scam returns

Kaspersky warns of new and nasty data-ransom trojan.
Kaspersky warns of new and nasty data-ransom trojan. Malware analysts at Kaspersky Lab have warned of the return of the 'Gpcoder' trojan, a nasty piece of 'ransomware' which… https://www.virusbulletin.com/blog/2008/06/file-encryption-blackmail-scam-returns/

Flash exploit used to steal gaming passwords

Despite initial panic, threat no longer believed to a zero-day exploit.
Despite initial panic, threat no longer believed to a zero-day exploit. In the past few days, thousands of websites have indirectly been serving malicious Adobe Flash (.SWF) files.… https://www.virusbulletin.com/blog/2008/05/flash-exploit-used-steal-gaming-passwords/

HP ships infected USB keys

Autorun worms found on batch of server setup devices.
Autorun worms found on batch of server setup devices. A batch of USB thumb drives containing software intended to assist in the setup of servers have been found to contain some… https://www.virusbulletin.com/blog/2008/04/hp-ships-infected-usb-keys/

'Kraken' monster botnet causing controversy

As latest botnet scare debated, Storm keeps on blowing.
As latest botnet scare debated, Storm keeps on blowing. Recent reports of a massive botnet, apparently sneaking its trojans past security software and far outnumbering better-known… https://www.virusbulletin.com/blog/2008/04/kraken-monster-botnet-causing-controversy/

Google Groups and Blogspot used to serve malware

Company finds own IP address to be serving most malware.
Company finds own IP address to be serving most malware.Malware writers have created thousands of Google Groups with the sole purpose of serving malware, Sunbelt reports. On the… https://www.virusbulletin.com/blog/2008/04/google-groups-and-blogspot-used-serve-malware/

Legitimate program becomes trojan downloader

Website of FlashGet attacked; malicious 'update' automatically downloaded.
Website of FlashGet attacked; malicious 'update' automatically downloaded. By hacking into the website of popular Windows download manager FlashGet, cybercriminals have managed to… https://www.virusbulletin.com/blog/2008/03/legitimate-program-becomes-trojan-downloader/

Habbo trojan steals passwords

Extension decorates your room... with malware.
Extension decorates your room... with malware. A trojan has been discovered that masquerades as an extension to social networking site Habbo, formerly known as Habbo Hotel. The… https://www.virusbulletin.com/blog/2008/02/habbo-trojan-steals-passwords/

More PDF exploits seen in wild

Adobe Reader and Acrobat flaws open way for further document attacks.
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe's PDF viewing and editing software, disclosed late last week by Adobe and… https://www.virusbulletin.com/blog/2008/02/more-pdf-exploits-seen-wild/

Fake security blogs lead to malware

Blogger sites play on fears to draw victims to porn, trojans.
Blogger sites play on fears to draw victims to porn, trojans. According to a report from Aladdin, numerous fake security blogs have been set up on the Google-owned Blogger blogging… https://www.virusbulletin.com/blog/2008/02/fake-security-blogs-lead-malware/

Phishing danger increases as Storm botnet is hired out

Smart new trojan and Storm diversification add to online banking risk.
Smart new trojan and Storm diversification add to online banking risk. The dangers of banking online grew significantly in past weeks, as portions of the ever-expanding Storm… https://www.virusbulletin.com/blog/2008/01/phishing-danger-increases-storm-botnet-hired-out/

Hundreds of legitimate websites being hacked into

New mass infection leaves security researchers puzzled.
New mass infection leaves security researchers puzzled. Web security company ScanSafe has reported a new mass infection of websites, which it claims accounts for 15% of the web… https://www.virusbulletin.com/blog/2008/01/hundreds-legitimate-websites-being-hacked/

Usual fare for holiday season

Storm ecards and social site spyware mark unsurprising year end.
Storm ecards and social site spyware mark unsurprising year end. With large portions of the globe celebrating various festivals over the past few weeks, an expected upsurge in… https://www.virusbulletin.com/blog/2008/01/usual-fare-holiday-season/

Cyber attackers breach defences at secret US labs

Spearphishing and trojans penetrate research lab security.
Spearphishing and trojans penetrate research lab security. At least one major US science lab, used to handle highly classified government and military material, has had its… https://www.virusbulletin.com/blog/2007/12/cyber-attackers-breach-defences-secret-us-labs/

Infected Seagate hard drives sold in Taiwan

External Maxtor disks shipped carrying autorun datastealer.
External Maxtor disks shipped carrying autorun datastealer. A shipment of Maxtor external hard drives, produced in Thailand by US-based Seagate and sold in Taiwan, has been found… https://www.virusbulletin.com/blog/2007/11/infected-seagate-hard-drives-sold-taiwan/

Melissa has users CAPTCHA'd

Spammers offer strip show for correctly completed CAPTCHAs.
Spammers offer strip show for correctly completed CAPTCHAs. Spammers have spotted a new opportunity for getting humans to help them get past the CAPTCHA tests put in place to… https://www.virusbulletin.com/blog/2007/11/melissa-has-users-captcha-d/

Phishing trojan targets Mac OSX

DNS hijack disguised as codec threatens Apple systems.
DNS hijack disguised as codec threatens Apple systems. A new trojan affecting Apple's Mac OSX operating system - a relative rarity in the malware world - has been seen in the wild.… https://www.virusbulletin.com/blog/2007/11/phishing-trojan-targets-mac-osx/

Storm spams promise spooky Halloween

Tricks not treats as skeleton game emails link to attack.
Tricks not treats as skeleton game emails link to attack. The 'Storm' attack has once again taken advantage of a popular cultural occasion to spam out the latest wave of links to… https://www.virusbulletin.com/blog/2007/10/storm-spams-promise-spooky-halloween/

« Previous 12345 Next »