VB Blog

Avast to present technical details of CCleaner hack at VB2017

Posted by   Martijn Grooten on   Oct 2, 2017

The recently discovered malicious CCleaner version has become one of the biggest security stories of 2017. Two researchers from Avast, the company that had recently acquired CCleaner developer Piriform, will share the results of their investigations at VB2017 in Madrid this week.

Read more  

VB2017 preview: Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

Posted by   Martijn Grooten on   Oct 2, 2017

We preview the VB2017 paper by Kaspersky Lab researchers Juan Andrés Guerrero-Saade and Costin Raiu on fourth-party collection and its implications for attack attribution.

Read more  

VB2017 preview: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by   Martijn Grooten on   Sep 29, 2017

We preview Patrick Wardle's VB2017 paper, in which the Synack researcher analyses the mysterious OSX/FruitFly malware by setting up a custom C&C server.

Read more  

VB2017 - information for press

Posted by   Martijn Grooten on   Sep 28, 2017

More than 50 security industry experts will present conference papers to their peers at VB2017 next week, and there are several papers on the programme with a certain newsworthiness. There is still time for cybersecurity journalists to apply for a press pass.

Read more  

VB2017 preview: BPH exposed - RBN never left they just adapted and evolved. Did you?

Posted by   Martijn Grooten on   Sep 25, 2017

We preview the VB2017 paper by Dhia Mahjoub (OpenDNS) and Jason Passwaters (Intel471) who combine an actor-centric and a network-centric approach to analysing bulletproof hosting operations.

Read more  

Test your technical and mental limits in the VB2017 foosball tournament

Posted by   Martijn Grooten on   Sep 22, 2017

As has become tradition, VB2017 will once again see a security industry table football tournament. Register your team now for some great fun and adrenaline-filled matches in between sessions in Madrid!

Read more  

The case against running Windows XP is more subtle than we think it is

Posted by   Martijn Grooten on   Sep 21, 2017

Greater Manchester Police is one of many organizations still running Windows XP on some of its systems. This is bad practice, but the case against running XP is far more subtle than we often pretend it is.

Read more  

Hot FinSpy research completes VB2017 programme

Posted by   Martijn Grooten on   Sep 21, 2017

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.

Read more  

Transparency is essential when monitoring your users' activities

Posted by   Virus Bulletin on   Sep 20, 2017

Activity monitoring by security products in general, and HTTPS traffic inspection in particular, are sensitive issues in the security community. There is a time and a place for them, VB's Martijn Grooten argues, but only when they are done right.

Read more  

VB2017 preview: Android reverse engineering tools: not the usual suspects

Posted by   Martijn Grooten on   Sep 19, 2017

We preview the VB2017 paper by Fortinet researcher Axelle Apvrille, in which she looks at some less obvious tools for reverse engineering Android malware.

Read more  
Previous1...2930313233...215Next

Search blog

VB2016 paper: Uncovering the secrets of malvertising

Malicious advertising, a.k.a. malvertising, has evolved tremendously over the past few years to take a central place in some of today’s largest web-based attacks. It is by far the tool of choice for attackers to reach the masses but also to target them wi…
In his VB2014 paper, Bromium researcher Vadim Kotov sketched the possibilities for malicious actors to use web ads to spread exploit kits. Unsurprisingly, malicious actors also… https://www.virusbulletin.com/blog/2017/may/vb2016-paper-uncovering-secrets-malvertising/

VB2016 paper: Building a local passiveDNS capability for malware incident response

At VB2016, Splunk researchers Kathy Wang and Steve Brant presented a Splunk app that can be used to locally collect passive DNS data. A recording of their presentation is now available to view on our YouTube channel.
Anyone who has ever investigated a malware or phishing attack will know the feeling: "if only I could find out what IP address this domain pointed to when the attack took place".… https://www.virusbulletin.com/blog/2017/may/vb2016-paper-building-local-passivedns-capabilityfor-malware-incident-response/

VB2016 video: Last-minute paper: A malicious OS X cocktail served from a tainted bottle

In a VB2016 last-minute presentation, ESET researchers Peter Kalnai and Martin Jirkal looked at the OS X malware threats KeRanger and Keydnap, that both spread through a compromised BitTorrent client. A recording of their presentation is now available to …
Though nowhere near as exotic as it was a few years ago, malware for OS X continues to attract researchers' attention. This was certainly the case for the KeyRanger ransomware and… https://www.virusbulletin.com/blog/2017/04/vb2016-video-last-minute-paper-malicious-os-x-cocktail-served-tainted-bottle/

Consumer spyware: a serious threat with a different threat model

Consumer spyware is a growing issue and one that can have serious consequences: its use is increasingly common in domestic violence. But do our threat models consider the attacker with physical access to, and inside knowledge of the victim?
We all know the risks of having a device infected with malware: an anonymous adversary far away can encrypt your files and hold them to ransom; they can steal your personal data… https://www.virusbulletin.com/blog/2017/04/consumer-spyware-serious-threat-different-threat-model/

VB2016 paper: Debugging and monitoring malware network activities with Haka

In their VB2016 paper, Stormshield researchers Benoît Ancel and Mehdi Talbi introduced Haka, an open-source language to monitor, debug and control malicious network traffic. Both their paper and the video recording of their presentation are now available …
Anyone who has ever analysed malware through its network communications will knows that this often involves ad-hoc scripts in languages like Python or Perl to decode the traffic.… https://www.virusbulletin.com/blog/2017/04/vb2016-paper-debugging-and-monitoring-malware-network-activities-haka/

VB2017: a wide ranging and international conference programme

We are proud to announce a very broad and very international programme for VB2017, which will take place in Madrid, 4-6 October 2017.
Packets don't do borders, which makes computer security a very global problem and one that can only be tackled if we work together. For 26 years, the Virus Bulletin conference has… https://www.virusbulletin.com/blog/2017/04/vb2017-very-international-conference-programme/

John Graham-Cumming and Brian Honan to deliver keynote addresses at VB2017

Virus Bulletin is excited to announce John-Graham Cumming and Brian Honan as the two keynote speakers for VB2017 in Madrid.
Later this week, we'll be announcing the programme for VB2017, the 27th Virus Bulletin International Conference - a programme that we think is the best yet, and about which we are… https://www.virusbulletin.com/blog/2017/04/john-graham-cumming-and-brian-honan-deliver-keynote-addresses-vb2017/

VB2016 paper: One-Click Fileless Infection

Symantec researchers Himanshu Anand and Chastine Menrige explain how a single click can lead to a compromised machine, without malware ever being stored on disk.
Over the last few years, we have seen a sharp increase in 'fileless' infections, where a machine is compromised without a malicious file ever being written to disk. Though not… https://www.virusbulletin.com/blog/2017/03/vb2016-paper-one-click-fileless-infection/

Quick impressions from BSides Budapest

At Virus Bulletin, we love the BSides concept and we have attended several of the BSides events around the world. So when Peter Karsai, who is soon to join the VB team, offered to write about his experience at BSides Budapest, we jumped at the chance to p…
At Virus Bulletin, we love the BSides concept and we have attended several of the BSides events around the world. So when Peter Karsai, who is soon to join the VB team, offered to… https://www.virusbulletin.com/blog/2017/03/quick-impressions-bsides-budapest/

First sponsors of VB2017 announced

We are excited to announce the first five sponsors of VB2017, companies based in Europe, Asia and North America.
We are proud of the fact that the Virus Bulletin Conference is one of the industry's most international security conferences, with speakers and attendees coming together from all… https://www.virusbulletin.com/blog/2017/03/first-sponsors-vb2017-announced/

VB2017: What is happening in the threat landscape and what are we doing against it? Submit a proposal in the VB2017 CFP!

Have you analysed a new online threat? Do you know a new way to defend against such threats? Then submit an abstract in the CFP for VB2017!
There are four weeks (minus one day) until the Call for Papers for VB2017 closes. The Virus Bulletin International Conference is one of the longest running and most prestigious… https://www.virusbulletin.com/blog/2017/02/vb2017-what-happening-and-what-are-we-doing-against-it-submit-now-cfp/

VB2016 paper: APT reports and OPSEC evolution, or: these are not the APT reports you are looking for

APT reports are great for gaining an understanding of how advanced attack groups operate - however, they can also provide free QA for the threat actors. Today, we publish a VB2016 paper by Gadi Evron (Cymmetria) and Inbar Raz (Perimeter X), who discuss wh…
Ever since Mandiant released its APT1 report four years ago, reports on advanced attack groups have been an important fixture in the security industry. These reports are great for… https://www.virusbulletin.com/blog/2017/02/vb2016-paper-apt-reports-and-opsec-evolution-or-these-are-not-apt-reports-you-are-looking/

VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

At VB2016, Peter Kruse gave a presentation detailing the Neverquest trojan, the alleged author of which was arrested in Spain earlier this month. Today, we publish the recording of Peter's presentation.
Earlier this month, Spanish police officers arrested a Russian national on suspicion of creating the Neverquest banking trojan. Neverquest, also known as Vawtrak, is one of the… https://www.virusbulletin.com/blog/2017/01/vb2016-video-neverquest-crime-service-and-hunt-big-bucks/

VB2016 paper: Great crypto failures

Crypto is hard, and malware authors often make mistakes. At VB2016, Check Point researchers Yaniv Balmas and Ben Herzog discussed the whys and hows of some of the crypto blunders made by malware authors. Today, we publish their paper and the recording of …
"More malware is using cryptography, and more malware is using better cryptography," said Check Point researcher Yaniv Balmas on stage during VB2016. While the increased use of… https://www.virusbulletin.com/blog/2017/01/vb2016-paper-great-crypto-failures/

Call for Papers: VB2017

We have opened the Call for Papers for VB2017. We are particularly interested in receiving submissions from those working outside the security industry itself.
The call for papers for VB2017, which will take place 4-6 October in Madrid, Spain, is now open! Have you analysed a new malware campaign? Tracked an APT actor? Discovered a… https://www.virusbulletin.com/blog/2017/01/call-papers-vb2017/

VB2016 paper: Open Source Malware Lab

At VB2016, ThreatConnect Director of Research Innovation Robert Simmons presented a paper on setting up an open source malware lab. Today, we share the accompanying paper and video.
Security experts aren't necessarily known for being skilled at predicting the future, but if there's one prediction they are guaranteed to get right, it's that there will be a lot… https://www.virusbulletin.com/blog/2017/01/vb2016-paper-open-source-malware-lab/

A Christmas present for the security community

As a Christmas present for the security community, we have uploaded most of the papers and videos from the VB2015 conference which took place in Prague almost 15 months ago. The Virus Bulletin crew wishes you all the best for 2017!
A botnet of Internet-connected cameras causing the largest DDoS ever; the ransomware threat that appears to get worse every day; a state-sponsored hacker group that attempted to… https://www.virusbulletin.com/blog/2016/december/christmas-present-security-community/

VB2016 video: On the StrongPity waterhole attacks targeting Italian and Belgian encryption users

At VB2016, Kaspersky Lab researcher Kurt Baumgartner delivered a presentation on the StrongPity watering hole attacks that targeted users of encryption technologies, and which were recently featured in a report by Microsoft. Today, we share the video of K…
Last week, Microsoft published a paper on two attack groups, dubbed PROMETHIUM and NEODYMIUM, that targeted individuals in Europe and that both used the then unknown and unpatched… https://www.virusbulletin.com/blog/2016/december/vb2016-video-strongpity-waterhole-attacks-targeting-italian-and-belgian-encryption-users/

Conference review: Botconf 2016

Three members of the Virus Bulletin team attended the Botconf 2016 conference in Lyon, France last month, enjoying talks on subjects that ranged from state-sponsored attacks to exploit kits, and from banking trojans to cyber insurance.
This review was written by Martijn Grooten, Adrian Luca and Ionuț Răileanu. Though still only in its fourth year, Botconf has become one of the Virus Bulletin team's favourite… https://www.virusbulletin.com/blog/2016/december/conference-review-botconf-2016/

VB2016 paper: Modern attacks on Russian financial institutions

Today, we publish the VB2016 paper and presentation (recording) by ESET researchers Jean-Ian Boutin and Anton Cherepanov, in which they look at sophisticated attacks against Russian financial institutions.
Today, we publish the VB2016 paper "Modern attacks on Russian financial institutions" (here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton… https://www.virusbulletin.com/blog/2016/december/vb2016-paper-modern-attacks-russian-financial-institutions/

« Previous 1...89101112...16 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.