VB Blog

VB2017 paper: Nine circles of Cerber

Posted by   Martijn Grooten on   Dec 15, 2017

Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked; we have also uploaded the video of the presentation of this paper, by Or Eshed and Yaniv Balmas.

Read more  

Attack on Fox-IT shows how a DNS hijack can break multiple layers of security

Posted by   Martijn Grooten on   Dec 14, 2017

Dutch security firm Fox-IT deserves praise for being open about an attack on its client network. There are some important lessons to be learned about DNS security from its post-mortem.

Read more  

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

Posted by   Martijn Grooten on   Dec 14, 2017

For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.

Read more  

Security Planner gives security advice based on your threat model

Posted by   Martijn Grooten on   Dec 13, 2017

Citizen Lab's Security Planner helps you improve your online safety, based on the specific threats you are facing.

Read more  

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

Posted by   Martijn Grooten on   Dec 11, 2017

Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of of the most prominent ransomware families of 2017.

Read more  

VB2017 paper: Modern reconnaissance phase on APT – protection layer

Posted by   Martijn Grooten on   Dec 7, 2017

During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid, two of those researchers, Paul Rascagneres and Warren Mercer, presented a paper detailing five case studies that demonstrate how the infection vector is evolving. Today we publish both Paul and Warren's paper and the recording of their presentation.

Read more  

VB2017 paper: Peering into spam botnets

Posted by   Martijn Grooten on   Dec 1, 2017

At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.

Read more  

Throwback Thursday: Anti-malware testing undercover

Posted by   Martijn Grooten on   Nov 30, 2017

We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.

Read more  

Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers

Posted by   Martijn Grooten on   Nov 30, 2017

As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their career in the industry - which is why we have relaunched the VB Security Jobs Market.

Read more  

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by   Martijn Grooten on   Nov 29, 2017

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Read more  
Previous1...2627282930...215Next

Search blog

Virus Bulletin announces programme of the first International Threat Intelligence Summit

VB is thrilled to announce the programme of the first International Threat Intelligence Summit that will form an integral part of the VB2018 conference programme.
Today, we are excited to announce the programme of the first International Threat Intelligence Summit, which will form an integral part of the VB2018 conference programme. Most… https://www.virusbulletin.com/blog/2018/08/virus-bulletin-announces-programme-first-international-threat-intelligence-summit/

VB2018 preview: Explain Ethereum smart contract hacking like I am five

Designing smart contracts is hard: we preview a VB2018 paper on the blockchain-based platform Ethereum, that describes both how the technology works and how a number of security issues inherent to the platform have led to various high-profile and often ve…
Shout 'blockchain' in a group of security experts and everyone will start to laugh. It is fair to say that the security community tends to be rather sceptical about… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-explain-ethereum-smart-contract-hacking-i-am-five/

VB2018 preview: Unpacking the packed unpacker: reversing an Android anti-analysis library

At VB2018, Google researcher Maddie Stone will present an analysis of the multi-layered 'WeddingCake' anti-analysis library used by many Android malware families.
Seven years ago, the first VB conference paper on Android malware looked at what was then a new, but growing trend. Since then both the threat and the research community have… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-unpacking-packed-unpacker-reversing-android-anti-analysis-library/

VB2018 preview: From drive-by download to drive-by mining

At VB2018, Malwarebytes researcher Jérôme Segura will discuss the rise of drive-by cryptocurrency mining, explaining how it works and putting it in the broader context of changes in the cybercrime landscape.
"Understanding the new paradigm", Malwarebytes researcher Jérôme Segura writes in the title of his upcoming VB2018 presentation on drive-by mining. He could hardly have put it… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-drive-download-drive-mining/

VB announces Threat Intelligence Summit to take place during VB2018

We are very excited to announce a special summit, as part of VB2018, that will be dedicated to all aspects of threat intelligence.
The very first edition of Virus Bulletin magazine, published in July 1989, contained lists of "[all] known IBM PC viruses" and "[all] known Apple Macintosh viruses". In the… https://www.virusbulletin.com/blog/2018/08/vb-announces-threat-intelligence-summit-take-place-during-vb2018/

VB2018 Small Talk: An industry approach for unwanted software criteria and clean requirements

An industry approach for defining and detecting unwanted software to be presented and discussed at the Virus Bulletin conference.
The constantly evolving threat landscape poses challenges for security vendors. But an equally big, if less reported, challenge is that posed by the kind of software that lives on… https://www.virusbulletin.com/blog/2018/08/vb2018-small-talk-industry-approach-unwanted-software-criteria-and-clean-requirements/

VB2018 call for last-minute papers opened

The call for last-minute papers for VB2018 is now open. Submit before 2 September to have your abstract considered for one of the nine slots reserved for 'hot' research.
Virus Bulletin has opened the call for last-minute papers for VB2018. The VB2018 programme already boasts some 40 talks, with a few more exciting things to be added very soon… https://www.virusbulletin.com/blog/2018/07/vb2018-call-last-minute-papers-opened/

Save the dates: VB2019 to take place 2-4 October 2019

Though the location will remain under wraps for a few more months, we are pleased to announce the dates for VB2019, the 29th Virus Bulletin International Conference.
While we hope that you have already circled the dates of 3-5 October 2018 in your agendas, and that you will join us and security experts from around the world for VB2018 in… https://www.virusbulletin.com/blog/2018/07/save-dates-vb2019-take-place-2-4-october-2019/

Benefit now from early bird discount tickets for VB2018

If you want to come to VB2018 in Montreal this year (and why wouldn't you?) and want to save a bit on the ticket price (and why wouldn't you?), remember that early bird discounts will be available until 30 June.
In a little over three months, security experts from around the world will gather in Montreal for VB2018, the 28th Virus Bulletin International Conference. We have an exciting… https://www.virusbulletin.com/blog/2018/06/last-week-buy-early-bird-discount-ticket-vb2018/

'North Korea' a hot subject among VB2018 talks

Several VB2018 papers deal explicitly or implicitly with threats that have been attributed to North Korean actors.
A few years ago, I somehow got involved in the discussion of a run-of-the-mill malicious spam campaign and ended up speaking to a journalist from the Daily Telegraph. "Is it true… https://www.virusbulletin.com/blog/2018/06/north-korea-hot-subject-among-vb2018-talks/

Registration for VB2018 now open!

Registration for VB2018, the 28th International Virus Bulletin conference, is now open, with an early bird rate available until 1 July.
Registration for VB2018, the 28th Virus Bulletin Conference, which will take place in Montreal 3-5 October this year, is now open. Last month, we announced an exciting and… https://www.virusbulletin.com/blog/2018/05/registration-vb2018-now-open/

RSA 2018: the good, the bad, the ugly, the great and the fantastic

In April, VB's Martijn Grooten attended the RSA Expo in San Francisco. He shares his views on the expo and the industry.
Two weeks ago, I was one of the more than 50,000 people who attended the RSA expo in San Francisco. I deliberately say 'expo', for while I spoke at the event two years ago, this… https://www.virusbulletin.com/blog/2018/05/rsa-2018-good-bad-ugly-great-and-fantastic/

VB2017 paper: Android reverse engineering tools: not the usual suspects

Within a few years, Android malware has grown from a relatively small threat to a huge problem involving more than three million new malware samples a year. Axelle Apvrille, one of the world's leading Android malware researchers, will deliver a workshop o…
Within a few years, Android malware has grown from a relatively small threat – the first VB conference talk on Android, in 2011, mentioned fewer than 100 malware families – to a… https://www.virusbulletin.com/blog/2018/04/vb2017-paper-android-reverse-engineering-tools-not-usual-suspects/

Virus Bulletin at RSA

Next week, VB Editor Martijn Grooten will be at the RSA Conference in San Francisco.
Next week, I will be joining the international security community to attend the RSA Conference in San Francisco. Though it lacks the intimate atmosphere of so many smaller… https://www.virusbulletin.com/blog/2018/04/virus-bulletin-rsa/

Broad-ranging and international VB2018 programme announced

VB is excited to reveal the details of an interesting and diverse programme for VB2018, the 28th Virus Bulletin International Conference, which takes place 3-5 October in Montreal, Canada.
Today, we are very excited to announce the programme for VB2018, the 28th Virus Bulletin International Conference, which is to take place in Montreal, 3-5 October 2018. Putting… https://www.virusbulletin.com/blog/2018/04/broad-and-international-vb2018-programme-announced/

VB2017 paper: Exploring the virtual worlds of advergaming

At VB2017 in Madrid, Malwarebytes' Chris Boyd presented a paper in which he looked at various aspects of advergaming, from unreadable EULAs to fake programs that promise to block ads. Today, we publish both the paper and the recording of Chris's presentat…
At VB2016 in Denver, Malwarebytes researchers Jérôme Segura and Chris Boyd presented a paper on malicious advertising, or malvertising. At the end of the paper, as they looked at… https://www.virusbulletin.com/blog/2018/04/vb2017-paper-exploring-virtual-worlds-advergaming/

VB2016 paper: Wild Android collusions

At VB2016 in Denver, Jorge Blasco presented a paper (co-written with Thomas M. Chen, Igor Muttik and Markus Roggenbach), in which he discussed the concept of app collusion - where two (or more) apps installed on the same device work together to collect an…
Playing out in the sidelines of the Cambridge Analytica scandal was the discovery that Facebook had been collecting metadata on the calls and SMS conversations of many of the… https://www.virusbulletin.com/blog/2018/03/vb2016-paper-wild-android-collusions/

VB2017 paper: The life story of an IPT - Inept Persistent Threat actor

At VB2017 in Madrid, Polish security researcher and journalist Adam Haertlé presented a paper about a very inept persistent threat. Today, we publish both the paper and the recording of Adam's presentation.
Last Wednesday, Belgium-based Polish hacker Thomasz T. was arrested during a visit to his home country. Thomasz is believed to be the author of the Polski, Vortex, and Flotera… https://www.virusbulletin.com/blog/2018/03/vb2017-paper-life-story-ipt-inept-persistent-threat-actor/

Five reasons to submit a VB2018 paper this weekend

The call for papers for VB2018 closes on 18 March, and while we've already received many great submissions, we still want more! Here are five reasons why you should submit a paper this weekend.
The call for papers for VB2018 will close this Sunday, 18 March (in fact, to ensure we cover the entirety of the deadline day across all time zones, we'll close submissions first… https://www.virusbulletin.com/blog/2018/03/five-reasons-submit-vb2018-paper-weekend/

First partners of VB2018 announced

We are excited to announce the first six companies to partner with VB2018.
We are excited to announce that all four Platinum partnerships of VB2018, the 28th Virus Bulletin International Conference, have been filled. Both ESET and Tencent have… https://www.virusbulletin.com/blog/2018/03/first-partners-vb2018-announced/

« Previous 1...45678...16 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.