VB Blog

VB2019 presentation: Targeted attacks through ISPs

Posted by   Virus Bulletin on   Jan 13, 2020

In 2019 we saw a rise in the number of targeted malware infections spread via ISPs and service providers. In a last-minute paper presented at VB2019 in London, Kaspersky researcher Denis Legezo discussed the details of a number of such cases. Today we release the recording of Denis' presentation.

Read more  

VB2019 presentation: A deep dive into iPhone exploit chains

Posted by   Virus Bulletin on   Jan 10, 2020

In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details of campaigns that used advanced iOS and Android exploit chains against China’s Uighur minority. Today we release the recording of John's presentation.

Read more  

Latest VBWeb report describes current state of the web-based threat landscape

Posted by   Helen Martin on   Jan 8, 2020

Today we released the Winter 2020 VBWeb report, detailing the performance of web security products against live web threats and looking at the current state of the web-based threat landscape.

Read more  

VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity

Posted by   Virus Bulletin on   Jan 6, 2020

In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani discussed code injection vulnerabilities and presented a tool that could detect this vulnerability class. Today we publish their paper and the recording of their presentation.

Read more  

Virus Bulletin says a fond farewell and thank you to Martijn Grooten

Posted by   Helen Martin on   Dec 31, 2019

As VB Editor Martijn Grooten steps down from his role to move on to new challenges, the team wish him a fond farewell and the very best of luck in his future endeavours.

Read more  

VB2019 paper: Never before had Stierlitz been so close to failure (or: what is a Soviet super-spy doing in a popular bundleware for Mac?)

Posted by   Martijn Grooten on   Dec 27, 2019

Today, we publish the VB2019 paper and video by Sophos researcher Sergei Shevchenko in which he analyses a popular yet unnamed piece of macOS ‘bundleware’.

Read more  

Parting thoughts 5: bringing the good news

Posted by   Martijn Grooten on   Dec 23, 2019

In the final of a five-part series of blog posts, departing VB Editor Martijn Grooten argues for more emphasis on the good news in security, especially that which is more subtle.

Read more  

Parting thoughts 4: the big picture

Posted by   Virus Bulletin on   Dec 20, 2019

In the fourth of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why security researchers should refer to other people's work.

Read more  

Parting thoughts 3: taking security seriously

Posted by   Martijn Grooten on   Dec 19, 2019

In the third of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes security vendors should take their products' security more seriously.

Read more  

VB2019 paper: Exploring the Chinese DDoS landscape

Posted by   Martijn Grooten on   Dec 19, 2019

China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.

Read more  
Previous1...56789...215Next

Search blog

VB2017 paper: The life story of an IPT - Inept Persistent Threat actor

At VB2017 in Madrid, Polish security researcher and journalist Adam Haertlé presented a paper about a very inept persistent threat. Today, we publish both the paper and the recording of Adam's presentation.
Last Wednesday, Belgium-based Polish hacker Thomasz T. was arrested during a visit to his home country. Thomasz is believed to be the author of the Polski, Vortex, and Flotera… https://www.virusbulletin.com/blog/2018/03/vb2017-paper-life-story-ipt-inept-persistent-threat-actor/

VB2017 preview: BPH exposed - RBN never left they just adapted and evolved. Did you?

We preview the VB2017 paper by Dhia Mahjoub (OpenDNS) and Jason Passwaters (Intel471) who combine an actor-centric and a network-centric approach to analysing bulletproof hosting operations.
Running a cybercriminal enterprise isn't all that easy. Try, for instance, setting up a site hosting malware and you'll find that sooner or later the provider will suspend your… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-bph-exposed-rbn-never-left-they-just-adapted-and-evolved-did-you/

Despite the profitability of ransomware there is a good reason why mining malware is thriving

Though ransomware is far more profitable than using a compromised PC to mine bitcoins, the global distribution of malware means that there are many botnets for which mining is the most efficient way to extract money out of a PC.
When, a few years ago, a friend and I were analysing a rather large botnet and we saw some network traffic indicating that it was engaged in Bitcoin mining, we felt rather… https://www.virusbulletin.com/blog/2017/09/despite-profitability-ransomware-there-good-reason-why-mining-malware-thriving/

Throwback Thursday: Ten memorable Virus Bulletin conference presentations - part 1

In a two-part blog post series, we look back at ten memorable VB conference presentations from the past ten years.
With an excellent conference programme (and still some gaps to fill!), we have much to look forward to when it comes to VB2017, the 27th Virus Bulletin conference. But we also… https://www.virusbulletin.com/blog/2017/08/throwback-thursday-ten-memorable-virus-bulletin-conference-presentations-part-1/

VB2016 paper: Modern attacks on Russian financial institutions

Today, we publish the VB2016 paper and presentation (recording) by ESET researchers Jean-Ian Boutin and Anton Cherepanov, in which they look at sophisticated attacks against Russian financial institutions.
Today, we publish the VB2016 paper "Modern attacks on Russian financial institutions" (here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton… https://www.virusbulletin.com/blog/2016/december/vb2016-paper-modern-attacks-russian-financial-institutions/

Small Talks return to the Virus Bulletin Conference

Following their success last year, this year a series of "Small Talks" return to the VB2016 conference programme. We are pleased to announce the details of six of these talks, covering subjects that range from the Chinese cybercriminal underground to Andr…
VB2015 was the 25th Virus Bulletin conference and, to celebrate the occasion, we added a third stream to the programme. Dubbed "Small Talks", these talks were longer than those on… https://www.virusbulletin.com/blog/2016/08/small-talks-return-virus-bulletin-conference/

VB2015 paper: Sizing cybercrime: incidents and accidents, hints and allegations

Cybercrime is big. But how big is it really? In a paper presented at VB2015 and together with the presentation video published on our website today, ESET researcher Stephen Cobb looks at previous studies that attempt the size of cybercrime and asks why we…
How big is cybercrime? Various attempts have been made to measure the size of cybercrime around the world, or in individual countries, but how reliable are the methodologies… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-sizing-cybercrime-incidents-and-accidents-hints-and-allegations/

Paper: 3ROS exploit framework kit — one more for the infection road

Aditya K. Sood and Rohit Bansal highlight a different side of an exploit kit.
Aditya K. Sood and Rohit Bansal highlight a different side of an exploit kit. Exploit kits are a serious plague on the Internet, made worse by the fact that the online… https://www.virusbulletin.com/blog/2015/11/paper-3ros-exploit-framework-kit-one-more-infection-road/

Throwback Thursday: Misguided or malevolent? New trends in virus writing

This Throwback Thursday, we turn the clock back to February 2004 when Stuart Taylor wondered whether there was truly a criminal element entering virus writing.
This Throwback Thursday, we turn the clock back to February 2004 when Stuart Taylor wondered whether there was truly a criminal element entering virus writing. These days, no one… https://www.virusbulletin.com/blog/2015/10/throwback-thursday-misguided-or-malevolent-new-trends-virus-writing/

Paper: Beta exploit pack: one more piece of crimeware for the infection road!

Exploit kit currently being tested focuses primarily on Flash Player exploits.
Exploit kit currently being tested focuses primarily on Flash Player exploits. Nuclear, Angler, Magnitude and Rig. Security researchers know we're talking about exploit kits (or… https://www.virusbulletin.com/blog/2015/06/paper-beta-exploit-pack-one-more-piece-crimeware-infection-road/

VB2014 paper: Hiding the network behind the network. Botnet proxy business model

Cristina Vatamanu and her colleagues describe how botherders keep their C&C servers hidden.
Cristina Vatamanu and her colleagues describe how botherders keep their C&C servers hidden.Over the next few months, we will be sharing VB2014 conference papers as well as video… https://www.virusbulletin.com/blog/2014/10/paper-hiding-network-behind-network-botnet-proxy-business-model/

VB2014 paper: Exposing Android white collar criminals

Luis Corrons dives into the world of shady Android apps.
Luis Corrons dives into the world of shady Android apps.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations.… https://www.virusbulletin.com/blog/2014/10/paper-exposing-android-white-collar-criminals/

VB2014 paper: DNSSEC - how far have we come?

Nick Sullivan describes how DNSSEC uses cryptography to add authentication and integrity to DNS responses.
Nick Sullivan describes how DNSSEC uses cryptography to add authentication and integrity to DNS responses.Over the next months, we will be sharing conference papers as well as… https://www.virusbulletin.com/blog/2014/10/paper-dnssec-how-far-have-we-come/

VB2014 paper: The evolution of webinjects

Jean-Ian Boutin looks at the increased commoditization of webinjects.
Jean-Ian Boutin looks at the increased commoditization of webinjects.Virus Bulletin has always been about sharing information, and the Virus Bulletin conference is an important… https://www.virusbulletin.com/blog/2014/10/paper-evolution-webinjects/

Browser-based ransomware uses scare tactics to extort money

Unsophisticated scam shows the high level of commoditization of today's cybercrime.
Unsophisticated scam shows the high level of commoditization of today's cybercrime. A case of browser-based ransomware, that is currently using social engineering tactics in an… https://www.virusbulletin.com/blog/2014/01/browser-based-ransomware-uses-scare-tactics-extort-money/

Cat carries computer virus

Cat collared.
Cat collared. Japanese police have captured a cat said to be carrying a computer virus on a memory card attached to its collar. The bizarre 'arrest' came after various Japanese… https://www.virusbulletin.com/blog/2013/01/cat-carries-computer-virus/

European Cybercrime Centre set for launch

Central cybercrime resource for EU member states.
Central cybercrime resource for EU member states. This Friday will see the doors of the new European Cybercrime Centre (EC3) officially open in The Hague. The EC3 - which will be… https://www.virusbulletin.com/blog/2013/01/european-cybercrime-centre-set-launch/

Cybercriminals offering service flooding email, phone and SMS

DDoS-type attack could seriously disrupt business.
DDoS-type attack could seriously disrupt business. A new service is being offered on underground forums where between 25,000 and 100,000 emails are being sent to an email account… https://www.virusbulletin.com/blog/2012/07/cybercriminals-offering-service-flooding-email-phone-and-sms/

'Largest takedown ever' sees six arrested

Millions made through 'DNSChanger' malware.
Millions made through 'DNSChanger' malware. Six Estonian nationals have been arrested for taking part in a cybercrime ring that made money through DNS-changing malware that had… https://www.virusbulletin.com/blog/2011/11/largest-takedown-ever-sees-six-arrested/

DNS poisoning attack targeting Brazilian customers

ISP employee suspected of changing DNS cache.
ISP employee suspected of changing DNS cache. Millions of Internet users in Brazil may have been exposed to malware after the DNS caches of their ISPs were modified to redirect… https://www.virusbulletin.com/blog/2011/11/dns-poisoning-attack-targeting-brazilian-customers/

« Previous 123 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.