VB Blog

VB2019 paper: Fantastic Information and Where to Find it: A guidebook to open-source OT reconnaissance

Posted by Martijn Grooten on Nov 22, 2019

A VB2019 paper by FireEye researcher Daniel Kapellmann Zafra explained how open source intelligence (OSINT) can be used to learn crucial details of the inner workings of many a system. Today we publish Daniel's paper and the recording of his presentation.

Posted by Martijn Grooten on Nov 21, 2019

Though active for not much longer than a year, GandCrab had been one of the most successful ransomware operations. In a paper presented at VB2019 in London, McAfee researchers John Fokker and Alexandre Mundo looked at the malware code, its evolution and the affiliate scheme behind it. Today we publish both their paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 18, 2019

At VB2019 in London, Check Point researchers Aseel Kayal and Lotem Finkelstein presented a paper detailing an Iranian operation they named 'Domestic Kitten' that used Android apps for targeted surveillance. Today we publish their paper and the video of their presentation.

Posted by Martijn Grooten on Nov 18, 2019

At VB2019 in London, LINE's HeungSoo Kang explained how cryptocurrency exchanges had been attacked using Firefox zero-days. Today, we publish the video of his presentation.

Posted by Martijn Grooten on Nov 7, 2019

In a paper presented at VB2019, Cisco Talos researchers Warren Mercer and Paul Rascagneres looked at two recent attacks against DNS infrastructure: DNSpionage and Sea Turtle. Today we publish their paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 6, 2019

VB has analysed a malicious spam campaign targeting German-speaking users with obfuscated Excel malware that would likely download Dridex but that mostly stood out through its size.

Posted by Martijn Grooten on Nov 5, 2019

We publish a paper by researchers from ESTsecurity in South Korea, who describe a fuzzy hashing algorithm for clustering Android malware datasets.

Posted by Martijn Grooten on Nov 4, 2019

Having returned from a summer hiatus, Emotet is back targeting inboxes and, as seen in the VBSpam test lab, doing a better job than most other malicious campaigns at bypassing email security products.

Posted by Martijn Grooten on Nov 1, 2019

Those working in the field of infosec are often faced with ethical dilemmas that are impossible to avoid. Today, we publish a VB2019 paper by Kaspersky researcher Ivan Kwiatkowski looking at ethics in infosec as well as the recording of Ivan's presentation.

Posted by Martijn Grooten on Oct 31, 2019

Malware used in domestic abuse situations is a growing threat, and the standard way for anti-virus products to handle such malware may not be good enough. But that doesn't mean there isn't an important role for anti-virus to play.

Previous1...7891011...215Next

Search blog

Storm mails bring spoof World War 3 news

US-Iran war story used as hook for malware barrage.
US-Iran war story used as hook for malware barrage. The Storm botnet has been spamming in force again in the past week, with its expected run targeting 4th of July celebrations in… https://www.virusbulletin.com/blog/2008/07/storm-mails-bring-spoof-world-war-3-news/

Macs under attack from trojan double whammy

Two new threats in a week spark worries of approaching Mac malware era.
Two new threats in a week spark worries of approaching Mac malware era. Users of Apple Mac systems, who have so far only suffered from minimal attention from malware creators, may… https://www.virusbulletin.com/blog/2008/06/macs-under-attack-trojan-double-whammy/

Trojan-to-worm automation tool spotted

GUI gizmo adds extra spreading menace to any malware.
GUI gizmo adds extra spreading menace to any malware. Researchers at Panda have discovered a simple and colourful graphical application designed to add basic worm techniques to… https://www.virusbulletin.com/blog/2008/06/trojan-worm-automation-tool-spotted/

File encryption blackmail scam returns

Kaspersky warns of new and nasty data-ransom trojan.
Kaspersky warns of new and nasty data-ransom trojan. Malware analysts at Kaspersky Lab have warned of the return of the 'Gpcoder' trojan, a nasty piece of 'ransomware' which… https://www.virusbulletin.com/blog/2008/06/file-encryption-blackmail-scam-returns/

Flash exploit used to steal gaming passwords

Despite initial panic, threat no longer believed to a zero-day exploit.
Despite initial panic, threat no longer believed to a zero-day exploit. In the past few days, thousands of websites have indirectly been serving malicious Adobe Flash (.SWF) files.… https://www.virusbulletin.com/blog/2008/05/flash-exploit-used-steal-gaming-passwords/

HP ships infected USB keys

Autorun worms found on batch of server setup devices.
Autorun worms found on batch of server setup devices. A batch of USB thumb drives containing software intended to assist in the setup of servers have been found to contain some… https://www.virusbulletin.com/blog/2008/04/hp-ships-infected-usb-keys/

'Kraken' monster botnet causing controversy

As latest botnet scare debated, Storm keeps on blowing.
As latest botnet scare debated, Storm keeps on blowing. Recent reports of a massive botnet, apparently sneaking its trojans past security software and far outnumbering better-known… https://www.virusbulletin.com/blog/2008/04/kraken-monster-botnet-causing-controversy/

Google Groups and Blogspot used to serve malware

Company finds own IP address to be serving most malware.
Company finds own IP address to be serving most malware.Malware writers have created thousands of Google Groups with the sole purpose of serving malware, Sunbelt reports. On the… https://www.virusbulletin.com/blog/2008/04/google-groups-and-blogspot-used-serve-malware/

Legitimate program becomes trojan downloader

Website of FlashGet attacked; malicious 'update' automatically downloaded.
Website of FlashGet attacked; malicious 'update' automatically downloaded. By hacking into the website of popular Windows download manager FlashGet, cybercriminals have managed to… https://www.virusbulletin.com/blog/2008/03/legitimate-program-becomes-trojan-downloader/

Habbo trojan steals passwords

Extension decorates your room... with malware.
Extension decorates your room... with malware. A trojan has been discovered that masquerades as an extension to social networking site Habbo, formerly known as Habbo Hotel. The… https://www.virusbulletin.com/blog/2008/02/habbo-trojan-steals-passwords/

More PDF exploits seen in wild

Adobe Reader and Acrobat flaws open way for further document attacks.
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe's PDF viewing and editing software, disclosed late last week by Adobe and… https://www.virusbulletin.com/blog/2008/02/more-pdf-exploits-seen-wild/

Fake security blogs lead to malware

Blogger sites play on fears to draw victims to porn, trojans.
Blogger sites play on fears to draw victims to porn, trojans. According to a report from Aladdin, numerous fake security blogs have been set up on the Google-owned Blogger blogging… https://www.virusbulletin.com/blog/2008/02/fake-security-blogs-lead-malware/

Phishing danger increases as Storm botnet is hired out

Smart new trojan and Storm diversification add to online banking risk.
Smart new trojan and Storm diversification add to online banking risk. The dangers of banking online grew significantly in past weeks, as portions of the ever-expanding Storm… https://www.virusbulletin.com/blog/2008/01/phishing-danger-increases-storm-botnet-hired-out/

Hundreds of legitimate websites being hacked into

New mass infection leaves security researchers puzzled.
New mass infection leaves security researchers puzzled. Web security company ScanSafe has reported a new mass infection of websites, which it claims accounts for 15% of the web… https://www.virusbulletin.com/blog/2008/01/hundreds-legitimate-websites-being-hacked/

Usual fare for holiday season

Storm ecards and social site spyware mark unsurprising year end.
Storm ecards and social site spyware mark unsurprising year end. With large portions of the globe celebrating various festivals over the past few weeks, an expected upsurge in… https://www.virusbulletin.com/blog/2008/01/usual-fare-holiday-season/

Cyber attackers breach defences at secret US labs

Spearphishing and trojans penetrate research lab security.
Spearphishing and trojans penetrate research lab security. At least one major US science lab, used to handle highly classified government and military material, has had its… https://www.virusbulletin.com/blog/2007/12/cyber-attackers-breach-defences-secret-us-labs/

Infected Seagate hard drives sold in Taiwan

External Maxtor disks shipped carrying autorun datastealer.
External Maxtor disks shipped carrying autorun datastealer. A shipment of Maxtor external hard drives, produced in Thailand by US-based Seagate and sold in Taiwan, has been found… https://www.virusbulletin.com/blog/2007/11/infected-seagate-hard-drives-sold-taiwan/

Melissa has users CAPTCHA'd

Spammers offer strip show for correctly completed CAPTCHAs.
Spammers offer strip show for correctly completed CAPTCHAs. Spammers have spotted a new opportunity for getting humans to help them get past the CAPTCHA tests put in place to… https://www.virusbulletin.com/blog/2007/11/melissa-has-users-captcha-d/

Phishing trojan targets Mac OSX

DNS hijack disguised as codec threatens Apple systems.
DNS hijack disguised as codec threatens Apple systems. A new trojan affecting Apple's Mac OSX operating system - a relative rarity in the malware world - has been seen in the wild.… https://www.virusbulletin.com/blog/2007/11/phishing-trojan-targets-mac-osx/

Storm spams promise spooky Halloween

Tricks not treats as skeleton game emails link to attack.
Tricks not treats as skeleton game emails link to attack. The 'Storm' attack has once again taken advantage of a popular cultural occasion to spam out the latest wave of links to… https://www.virusbulletin.com/blog/2007/10/storm-spams-promise-spooky-halloween/

« Previous 12345 Next »