VB Blog

VB2016 video: Nymaim: the Untold Story

Posted by   Martijn Grooten on   Feb 8, 2017

Until very recently, the Nymaim banking trojan was a serious problem in Poland. Today, we publish the video of the VB2016 presentation by CERT Polska researchers Jarosław Jedynak and Maciej Kotowicz, in which they analyse this malware-dropper-turned-banking-trojan.

Read more  

The Living Dead Anti-Virus

Posted by   Virus Bulletin on   Feb 2, 2017

Should users uninstall their anti-virus products, as was recently suggested by a security expert in a widely shared article? In a guest post, security consultant Hendrik Pilz explains why he doesn't think this is a good idea.

Read more  

Paper: The journey and evolution of God Mode in 2016: CVE-2016-0189

Posted by   Martijn Grooten on   Jan 31, 2017

In a new paper published by Virus Bulletin, FireEye researchers Ankit Anubhav and Manish Sardiwal analyse the 'God Mode' vulnerability CVE-2016-0189 in Microsoft Internet Explorer.

Read more  

VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

Posted by   Martijn Grooten on   Jan 30, 2017

At VB2016, Peter Kruse gave a presentation detailing the Neverquest trojan, the alleged author of which was arrested in Spain earlier this month. Today, we publish the recording of Peter's presentation.

Read more  

VB2016 paper: Great crypto failures

Posted by   Martijn Grooten on   Jan 24, 2017

Crypto is hard, and malware authors often make mistakes. At VB2016, Check Point researchers Yaniv Balmas and Ben Herzog discussed the whys and hows of some of the crypto blunders made by malware authors. Today, we publish their paper and the recording of their presentation.

Read more  

Call for Papers: VB2017

Posted by   Martijn Grooten on   Jan 19, 2017

We have opened the Call for Papers for VB2017. We are particularly interested in receiving submissions from those working outside the security industry itself.

Read more  

Ransomware not a problem for half of businesses

Posted by   Martijn Grooten on   Jan 11, 2017

According to a report by IBM Security, 70 per cent of businesses that are the victim of a ransomware attack end up paying the ransom. However, the report also suggests that a little over half of businesses manage to avoid getting infected at all, showing they must be doing something right.

Read more  

Ransomware would be much worse if it wasn't for email security solutions

Posted by   Martijn Grooten on   Jan 5, 2017

The latest VBSpam test brings good news: at least 199 out of every 200 emails containing a malicious attachment were blocked by email security solutions. All of the full solutions tested achieved a VBSpam award, with five earning a VBSpam+ award.

Read more  

Throwback Thursday: The malware battle: reflections and forecasts

Posted by   Helen Martin on   Jan 5, 2017

"Another year has come to its end and the malware battle still rages on." In January 2004, Jamz Yaneza reflected on the year just ended and pondered what the coming year would have in store for the AV industry.

Read more  

VB2016 paper: Open Source Malware Lab

Posted by   Martijn Grooten on   Jan 4, 2017

At VB2016, ThreatConnect Director of Research Innovation Robert Simmons presented a paper on setting up an open source malware lab. Today, we share the accompanying paper and video.

Read more  
Previous1...3839404142...215Next

Search blog

VB2018 paper and video: Android app deobfuscation using static-dynamic cooperation

Static analysis and dynamic analysis each have their shortcomings as methods for analysing potentially malicious files. Today, we publish a VB2018 paper by Check Point researchers Yoni Moses and Yaniv Mordekhay, in which they describe a method that combin…
Android app deobfuscation using static-dynamic cooperation Read the paper (HTML) Download the paper (PDF)   The two most common methods for analysing potentially malicious… https://www.virusbulletin.com/blog/2019/03/vb2018-paper-and-video-android-app-deobfuscation-using-static-dynamic-cooperation/

VB2019 call for papers closes this weekend

The call for papers for VB2019 closes on 17 March, and while we've already received many great submissions, we still want more!
This weekend the call for papers for VB2019, the 29th Virus Bulletin International Conference, will close. For those who like to submit at the very last minute, the CFP closes… https://www.virusbulletin.com/blog/2019/03/vb2019-call-papers-closes-weekend/

Registration open for VB2019 ─ book your ticket now!

Registration for VB2019, the 29th Virus Bulletin International Conference, is now open, with an early bird rate available until 1 July.
Registration is now open for VB2019, the 29th Virus Bulletin International Conference, which will take place 2-4 October in London, UK. One of the longest-running security… https://www.virusbulletin.com/blog/2019/03/registration-open-vb2019-book-your-ticket-now/

The VB2019 call for papers is about ... papers

When we are calling for papers for the Virus Bulletin conference as we are doing now, we really mean a written paper. But don't worry if you've never written a paper - we can help!
The Call for Papers for VB2019, the 29th Virus Bulletin Conference (London, 2-4 October) is open until Sunday 17 March. When we say "call for papers" we really put the emphasis… https://www.virusbulletin.com/blog/2019/03/vb2019-call-papers-about-papers/

VB2018 video: Adware is just malware with a legal department - how we reverse engineered OSX/Pirrit, received legal threats, and survived

Amit Serper first analysed the OSX/Pirrit adware in 2016, highlighting some of its malware-like techniques, and soon afterwards started receiving legal threats from the company behind it. At VB2018 Amit gave a presentation in which he discussed both the a…
OSX/Pirrit was first analysed in 2016 by Cybereason's Amit Serper in a guest blog post for the Objective See blog. It is an interesting and technically thorough analysis of a… https://www.virusbulletin.com/blog/2019/03/vb2018-video-adware-just-malware-legal-department-how-we-reverse-engineered-osxpirrit-received-legal-threats-and-survived/

VB2018 paper: Anatomy of an attack: detecting and defeating CRASHOVERRIDE

In December 2016, the CRASHOVERRIDE malware framework was used to cause a blackout in Ukraine. At VB2018 in Montreal, Dragos researcher Joe Slowik presented a detailed paper on the framework, explaining how the malware works and how it targets various pro…
Anatomy of an attack: detecting and defeating CRASHOVERRIDE Read the paper (HTML) Download the paper (PDF)       If you're going to be at the RSA Conference in San… https://www.virusbulletin.com/blog/2019/03/vb2018-paper-anatomy-attack-detecting-and-defeating-crashoverride/

VB2018 presentation: Levelling up: why sharing threat intelligence makes you more competitive

In a presentation at VB2018, Michael Daniel, President and CEO of the Cyber Threat Alliance, outlined exactly how threat sharing strengthens a company's competitive advantage. Today we release the recording of his presentation.
Here at VB we often talk about the importance of sharing intelligence, and many of us coming into the industry for the first time have been genuinely surprised by the willingness… https://www.virusbulletin.com/blog/2019/03/vb2018-presentation-levelling-why-sharing-threat-intelligence-makes-you-more-competitive/

VB2018 paper: The modality of mortality in domain names

Domains play a crucial role in most cyber attacks, from the very advanced to the very mundane. Today, we publish a VB2018 paper by Paul Vixie (Farsight Security) who undertook the first systematic study into the lifetimes of newly registered domains.
The modality of mortality in domain names Read the paper (HTML) Download the paper (PDF)       Have you carried out research that furthers our understanding of… https://www.virusbulletin.com/blog/2019/02/vb2018-paper-modality-mortality-domain-names/

VB2018 paper: Analysing compiled binaries using logic

Constraint programming is a lesser-known technique that is becoming increasingly popular among malware analysts. In a paper presented at VB2018 Thaís Moreira Hamasaki presented an overview of the technique and explained how it can be applied to the analys…
Analysing compiled binaries using logic Read the paper (HTML) Download the paper (PDF)   Static analysis of malware is usually "done by a person (a security analyst) who… https://www.virusbulletin.com/blog/2019/02/vb2018-paper-analysing-compiled-binaries-using-logic/

Virus Bulletin encourages experienced speakers and newcomers alike to submit proposals for VB2019

With a little less than a month before the deadline of the call for papers for VB2019, Virus Bulletin encourages submissions from experienced speakers and newcomers alike.
There is a little less than a month left until the deadline (17 March) of the call for papers for VB2019, the 29th Virus Bulletin International Conference. Over almost three… https://www.virusbulletin.com/blog/2019/02/virus-bulletin-encourages-experienced-speakers-and-newcomers-alike-submit-proposals-vb2019/

VB2018 paper: Internet balkanization: why are we raising borders online?

At VB2018 in Montreal, Ixia researcher Stefan Tanase presented a thought-provoking paper on the current state of the Internet and the worrying tendency towards raising borders and restricting the flow of information. Today we publish both his paper and th…
Sir Tim Berners-Lee, inventor of the world wide web, said "I hope we use the Net to cross barriers and connect cultures". Yet increasingly we are seeing barriers being raised not… https://www.virusbulletin.com/blog/2019/02/vb2018-paper-internet-balkanization-why-are-we-raising-borders-online/

VB2018 paper: Where have all the good hires gone?

The cybersecurity skills gap has been described as one of the biggest challenges facing IT leaders today. At VB2018 in Montreal, ESET's Lysa Myers outlined some of the things the industry can do to help address the problem. Today we publish Lysa's paper a…
    Did you see we have opened the Call for Papers for VB2019 in London? Submit your abstract before 17 March for a chance to make it onto the programme of one of the… https://www.virusbulletin.com/blog/2019/02/vb2018-paper-where-have-all-good-hires-gone/

Preview: Nullcon 2019

We look forward the Nullcon 2019 conference in Goa, India, at which VB Editor Martijn Grooten will give a talk on the state of malware.
Does it matter that the number of new malware samples keeps growing? What does the meteoric rise in cryptocurrency malware indicate? Why is there barely any malware on iOS? Which… https://www.virusbulletin.com/blog/2019/02/preview-nullcon-2019/

VB2018 paper: Inside Formbook infostealer

The Formbook information-stealing trojan may not be APT-grade malware, but its continuing spread means it can still be effective. At VB2018 in Montreal, Gabriela Nicolao, a researcher from Deloitte in Argentina, presented a short paper in which she looked…
The Formbook information-stealing trojan has been spread by a number of recent spam campaigns. The malware was advertised in hacking forums as long ago as January 2016, but wasn't… https://www.virusbulletin.com/blog/2019/01/vb2018-paper-inside-formbook-infostealer/

The VB2019 CFP - how the selection procedure works

With the VB2019 Call for Papers having opened last week, we explain how the selection procedure works, which may help you during your abstract submission.
Last week, we opened the call for papers for VB2019, which is to take place 2-4 October in London, UK. The deadline for the call for papers is Sunday 17 March. We are often… https://www.virusbulletin.com/blog/2019/01/vb2019-cfp-how-selection-procedure-works/

VB2018 paper: From Hacking Team to hacked team to…?

Today we publish the VB2018 paper and video by ESET researcher Filip Kafka, who looked at the new malware by Hacking Team, after the company had recovered from the 2015 breach.
It is good practice not to mock or laugh at hacking victims. But when the victim is a company that itself is in the business of hacking and has a habit of selling its products and… https://www.virusbulletin.com/blog/2019/01/vb2018-paper-hacking-team-hacked-team/

VB2019 call for papers - now open!

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2019 is now open and we want to hear from you!
The call for papers for VB2019, the 29th Virus Bulletin International Conference, which will take place in London, UK, 2-4 October 2019, is now open! We welcome submissions on… https://www.virusbulletin.com/blog/2019/01/vb2019-call-papers-now-open/

VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

Today, we publish the VB2018 paper by Chronicle researcher Juan Andres Guerrero-Saade, who argues we should change the way we talk about APT actors.
IT security research stumbled into the world of nation-state intelligence operations more or less by accident. In a now classic VB2015 paper, Juan Andres Guerrero-Saade discussed… https://www.virusbulletin.com/blog/2019/01/vb2018-paper-draw-me-one-your-french-apts-expanding-our-descriptive-palette-cyber-threat-actors/

VB2018 paper: Office bugs on the rise

At VB2018 Sophos researcher Gábor Szappanos provided a detailed overview of Office exploit builders, and looked in particular at the widely exploited CVE-2017-0199. Today we publish his paper and release the video of his presentation.
A large portion of today's malware infections use malicious Office documents as a first-stage payload. Typically, the user is tricked into enabling macros or disabling some… https://www.virusbulletin.com/blog/2018/12/vb2018-paper-office-bugs-rise/

VB2018 video: The Big Bang Theory by APT-C-23

Today, we release the video of the VB2018 presentation by Check Point researcher Aseel Kayal, who connected the various dots relating to campaigns by the APT-C-23 threat group.
The APT-C-23 group, which targets users in the Middle East and in particular in the State of Palestine, was named and first reported on by 360 in a Chinese language blog post in… https://www.virusbulletin.com/blog/2018/12/vb2018-video-big-bang-theory-apt-c-23/

« Previous 1234567...16 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.