Posted by Martijn Grooten on Nov 29, 2019
At VB2019 in London, ZEROSPAM researchers Pierre-Luc Vaudry and Olivier Coutu discussed how email clustering could be used to detect malicious Emotet emails that hijacked existing email threads. Today we publish the recording of their presentation.
Posted by Martijn Grooten on Nov 28, 2019
Today we publish a VB2019 paper from Lion Gu and Bowen Pan from the Qi An Xin Threat Intelligence Center in China in which they analysed an APT group dubbed 'Poison Vine', which targeted various government, military and research institutes in China.
Posted by Martijn Grooten on Nov 22, 2019
A VB2019 paper by FireEye researcher Daniel Kapellmann Zafra explained how open source intelligence (OSINT) can be used to learn crucial details of the inner workings of many a system. Today we publish Daniel's paper and the recording of his presentation.
Posted by Martijn Grooten on Nov 21, 2019
Though active for not much longer than a year, GandCrab had been one of the most successful ransomware operations. In a paper presented at VB2019 in London, McAfee researchers John Fokker and Alexandre Mundo looked at the malware code, its evolution and the affiliate scheme behind it. Today we publish both their paper and the recording of their presentation.
Posted by Martijn Grooten on Nov 18, 2019
At VB2019 in London, Check Point researchers Aseel Kayal and Lotem Finkelstein presented a paper detailing an Iranian operation they named 'Domestic Kitten' that used Android apps for targeted surveillance. Today we publish their paper and the video of their presentation.
Posted by Martijn Grooten on Nov 18, 2019
At VB2019 in London, LINE's HeungSoo Kang explained how cryptocurrency exchanges had been attacked using Firefox zero-days. Today, we publish the video of his presentation.
Posted by Martijn Grooten on Nov 7, 2019
In a paper presented at VB2019, Cisco Talos researchers Warren Mercer and Paul Rascagneres looked at two recent attacks against DNS infrastructure: DNSpionage and Sea Turtle. Today we publish their paper and the recording of their presentation.
Posted by Martijn Grooten on Nov 6, 2019
VB has analysed a malicious spam campaign targeting German-speaking users with obfuscated Excel malware that would likely download Dridex but that mostly stood out through its size.
Posted by Martijn Grooten on Nov 5, 2019
We publish a paper by researchers from ESTsecurity in South Korea, who describe a fuzzy hashing algorithm for clustering Android malware datasets.
Posted by Martijn Grooten on Nov 4, 2019
Having returned from a summer hiatus, Emotet is back targeting inboxes and, as seen in the VBSpam test lab, doing a better job than most other malicious campaigns at bypassing email security products.