VB Blog

VB2020 localhost call for last minute papers: a unique opportunity

Posted by Virus Bulletin on Aug 10, 2020

Why VB2020 localhost presents a unique opportunity for you to share your research with security experts around the globe.

Posted by Virus Bulletin on Jul 31, 2020

The call for last-minute papers for VB2020 localhost is now open. Submit before 17 August to have your paper considered for one of the nine slots reserved for 'hot' research!

Posted by Virus Bulletin on Jul 29, 2020

Announcing VB2020 localhost: the carbon neutral, budget neutral VB conference!

Posted by Virus Bulletin on May 4, 2020

At VB2019, JPCERT/CC's Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique to Japan. Today we publish both their paper and the recording of their presentation.

Posted by Helen Martin on Apr 30, 2020

In a follow-up to a paper presented at VB2019, Prismo Systems researchers Abhishek Singh and Ramesh Mani detail algorithms that can be used to detect SQL injection in stored procedures, persistent cross-site scripting (XSS), and server‑side request forgery (SSRF) by instrumenting web applications.

Posted by Virus Bulletin on Apr 16, 2020

VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference.

Posted by Virus Bulletin on Apr 2, 2020

At VB2019 in London, Jamf's Patrick Wardle analysed the WindTail macOS malware used by the WindShift APT group, active in the Middle East. Today we publish both Patrick's paper and the recording of his presentation.

Posted by Virus Bulletin on Mar 24, 2020

At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation.

Posted by Virus Bulletin on Mar 20, 2020

Often unbeknownst to network administrators, many company networks are used to download child sexual abuse material. In a paper presented at VB2019 in London, NetClean’s Richard Matti and Anna Creutz looked at this problem and what companies can do, ultimately, to help safeguard children. Today we publish their full paper.

Posted by Virus Bulletin on Mar 16, 2020

Here at VB we are keeping a close eye on the global situation regarding the COVID-19 outbreak and the various travel restrictions and health advice, but in the meantime planning and arrangements for VB2020 are going ahead as usual, including the selection of papers.

Previous1234567...215Next

Search blog

Storm mails bring spoof World War 3 news

US-Iran war story used as hook for malware barrage.
US-Iran war story used as hook for malware barrage. The Storm botnet has been spamming in force again in the past week, with its expected run targeting 4th of July celebrations in… https://www.virusbulletin.com/blog/2008/07/storm-mails-bring-spoof-world-war-3-news/

Macs under attack from trojan double whammy

Two new threats in a week spark worries of approaching Mac malware era.
Two new threats in a week spark worries of approaching Mac malware era. Users of Apple Mac systems, who have so far only suffered from minimal attention from malware creators, may… https://www.virusbulletin.com/blog/2008/06/macs-under-attack-trojan-double-whammy/

Trojan-to-worm automation tool spotted

GUI gizmo adds extra spreading menace to any malware.
GUI gizmo adds extra spreading menace to any malware. Researchers at Panda have discovered a simple and colourful graphical application designed to add basic worm techniques to… https://www.virusbulletin.com/blog/2008/06/trojan-worm-automation-tool-spotted/

File encryption blackmail scam returns

Kaspersky warns of new and nasty data-ransom trojan.
Kaspersky warns of new and nasty data-ransom trojan. Malware analysts at Kaspersky Lab have warned of the return of the 'Gpcoder' trojan, a nasty piece of 'ransomware' which… https://www.virusbulletin.com/blog/2008/06/file-encryption-blackmail-scam-returns/

Flash exploit used to steal gaming passwords

Despite initial panic, threat no longer believed to a zero-day exploit.
Despite initial panic, threat no longer believed to a zero-day exploit. In the past few days, thousands of websites have indirectly been serving malicious Adobe Flash (.SWF) files.… https://www.virusbulletin.com/blog/2008/05/flash-exploit-used-steal-gaming-passwords/

HP ships infected USB keys

Autorun worms found on batch of server setup devices.
Autorun worms found on batch of server setup devices. A batch of USB thumb drives containing software intended to assist in the setup of servers have been found to contain some… https://www.virusbulletin.com/blog/2008/04/hp-ships-infected-usb-keys/

'Kraken' monster botnet causing controversy

As latest botnet scare debated, Storm keeps on blowing.
As latest botnet scare debated, Storm keeps on blowing. Recent reports of a massive botnet, apparently sneaking its trojans past security software and far outnumbering better-known… https://www.virusbulletin.com/blog/2008/04/kraken-monster-botnet-causing-controversy/

Google Groups and Blogspot used to serve malware

Company finds own IP address to be serving most malware.
Company finds own IP address to be serving most malware.Malware writers have created thousands of Google Groups with the sole purpose of serving malware, Sunbelt reports. On the… https://www.virusbulletin.com/blog/2008/04/google-groups-and-blogspot-used-serve-malware/

Legitimate program becomes trojan downloader

Website of FlashGet attacked; malicious 'update' automatically downloaded.
Website of FlashGet attacked; malicious 'update' automatically downloaded. By hacking into the website of popular Windows download manager FlashGet, cybercriminals have managed to… https://www.virusbulletin.com/blog/2008/03/legitimate-program-becomes-trojan-downloader/

Habbo trojan steals passwords

Extension decorates your room... with malware.
Extension decorates your room... with malware. A trojan has been discovered that masquerades as an extension to social networking site Habbo, formerly known as Habbo Hotel. The… https://www.virusbulletin.com/blog/2008/02/habbo-trojan-steals-passwords/

More PDF exploits seen in wild

Adobe Reader and Acrobat flaws open way for further document attacks.
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe's PDF viewing and editing software, disclosed late last week by Adobe and… https://www.virusbulletin.com/blog/2008/02/more-pdf-exploits-seen-wild/

Fake security blogs lead to malware

Blogger sites play on fears to draw victims to porn, trojans.
Blogger sites play on fears to draw victims to porn, trojans. According to a report from Aladdin, numerous fake security blogs have been set up on the Google-owned Blogger blogging… https://www.virusbulletin.com/blog/2008/02/fake-security-blogs-lead-malware/

Phishing danger increases as Storm botnet is hired out

Smart new trojan and Storm diversification add to online banking risk.
Smart new trojan and Storm diversification add to online banking risk. The dangers of banking online grew significantly in past weeks, as portions of the ever-expanding Storm… https://www.virusbulletin.com/blog/2008/01/phishing-danger-increases-storm-botnet-hired-out/

Hundreds of legitimate websites being hacked into

New mass infection leaves security researchers puzzled.
New mass infection leaves security researchers puzzled. Web security company ScanSafe has reported a new mass infection of websites, which it claims accounts for 15% of the web… https://www.virusbulletin.com/blog/2008/01/hundreds-legitimate-websites-being-hacked/

Usual fare for holiday season

Storm ecards and social site spyware mark unsurprising year end.
Storm ecards and social site spyware mark unsurprising year end. With large portions of the globe celebrating various festivals over the past few weeks, an expected upsurge in… https://www.virusbulletin.com/blog/2008/01/usual-fare-holiday-season/

Cyber attackers breach defences at secret US labs

Spearphishing and trojans penetrate research lab security.
Spearphishing and trojans penetrate research lab security. At least one major US science lab, used to handle highly classified government and military material, has had its… https://www.virusbulletin.com/blog/2007/12/cyber-attackers-breach-defences-secret-us-labs/

Infected Seagate hard drives sold in Taiwan

External Maxtor disks shipped carrying autorun datastealer.
External Maxtor disks shipped carrying autorun datastealer. A shipment of Maxtor external hard drives, produced in Thailand by US-based Seagate and sold in Taiwan, has been found… https://www.virusbulletin.com/blog/2007/11/infected-seagate-hard-drives-sold-taiwan/

Phishing trojan targets Mac OSX

DNS hijack disguised as codec threatens Apple systems.
DNS hijack disguised as codec threatens Apple systems. A new trojan affecting Apple's Mac OSX operating system - a relative rarity in the malware world - has been seen in the wild.… https://www.virusbulletin.com/blog/2007/11/phishing-trojan-targets-mac-osx/

Melissa has users CAPTCHA'd

Spammers offer strip show for correctly completed CAPTCHAs.
Spammers offer strip show for correctly completed CAPTCHAs. Spammers have spotted a new opportunity for getting humans to help them get past the CAPTCHA tests put in place to… https://www.virusbulletin.com/blog/2007/11/melissa-has-users-captcha-d/

Storm spams promise spooky Halloween

Tricks not treats as skeleton game emails link to attack.
Tricks not treats as skeleton game emails link to attack. The 'Storm' attack has once again taken advantage of a popular cultural occasion to spam out the latest wave of links to… https://www.virusbulletin.com/blog/2007/10/storm-spams-promise-spooky-halloween/

« Previous 12345 Next »