VB Blog

Security advice in the wake of WannaCry and Not(Petya)

Posted by   Martijn Grooten on   Jun 30, 2017

As WannaCry and (Not)Petya have shown, malware attacks can do a lot of damage. So is staying safe just a case of following good security advice?

Read more  

48 hours after initial reports, many mysteries remain around the latest ransomware/wiper threat

Posted by   Martijn Grooten on   Jun 29, 2017

Whether you call it Petya, NotPetya, Nyetya or Petna, there are still many mysteries surrounding the malware that has been causing havoc around the world.

Read more  

VB2017 Early Bird discount to expire this week

Posted by   Martijn Grooten on   Jun 28, 2017

This week, the Early Bird discount for VB2017 comes to an end - so, for a 10% saving on the cost of full price registration, make sure you register now!

Read more  

VB2016 paper: Steam stealers: it's all fun and games until someone's account gets hijacked

Posted by   Martijn Grooten on   Jun 23, 2017

Last year, Kaspersky Lab researcher Santiago Pontiroli and PwC's Bart Parys presented a VB2016 paper analysing the malicious threats faced by users of the Steam online gaming platform, and highlighting how organized criminals are making money with these profitable schemes. Today, we publish the paper.

Read more  

Research paper shows it may be possible to distinguish malware traffic using TLS

Posted by   Martijn Grooten on   Jun 22, 2017

Researchers at Cisco have published a paper describing how it may be possible to use machine learning to distinguish malware command-and-control traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C&C traffic.

Read more  

Is CVE-2017-0199 the new CVE-2012-0158?

Posted by   Martijn Grooten on   Jun 20, 2017

After five years of exploitation in a wide variety of attacks, CVE-2012-0158 may have found a successor in CVE-2017-0199, which is taking the Office exploit scene by storm.

Read more  

Review: BSides London 2017

Posted by   Martijn Grooten on   Jun 19, 2017

Virus Bulletin was a proud sponsor of BSides London 2017 - Martijn Grooten reports on a great event.

Read more  

VB2017: one of the most international security conferences

Posted by   Martijn Grooten on   Jun 15, 2017

It is well known that the problem of cybersecurity is a global one that affects users worldwide - but it's also one that has some unique local flavours. With speakers representing at least 24 countries, VB2017 is one of the most international security conferences on the circuit, allowing attendees to hear the viewpoints of experts from around the world. Register before 1 July and receive a 10% Early Bird discount.

Read more  

VB2016 paper: Diving into Pinkslipbot's latest campaign

Posted by   Martijn Grooten on   Jun 12, 2017

Qakbot or Qbot, is a banking trojan that makes the news every once in a while and was the subject of a VB2016 paper by Intel Security researchers Sanchit Karve, Guilherme Venere and Mark Olea. In it, they provided a detailed analysis of the Pinkslipbot/Qakbot trojan and its then latest campaign. Their full paper is now available to download or read online.

Read more  

Book review: Spam: A Shadow History of the Internet

Posted by   Martijn Grooten on   Jun 2, 2017

VB Editor Martijn Grooten reviews Finn Brunton's book 'Spam: A Shadow History of the Internet'.

Read more  
Previous1...3435363738...215Next

Search blog

The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned

Malicious apps may have more privileges than security software.
Malicious apps may have more privileges than security software. There are many people without whom a Virus Bulletin conference wouldn't be possible: the VB team, the crew from Cue… https://www.virusbulletin.com/blog/2014/10/presentation-you-never-saw-early-launch-android-malware-your-phone-0wned/

Crypto blunder makes TorrentLocker easy to crack

Use of single XOR key leaves ransomware open to known-plaintext attack.
Use of single XOR key leaves ransomware open to known-plaintext attack. It has been said many times before: cryptography is hard. Earlier this year, the authors of the 'Bitcrypt'… https://www.virusbulletin.com/blog/2014/09/crypto-blunder-makes-torrentlocker-easy-crack/

Researchers release CryptoLocker decryption tool

Tool uses private keys found in database of victims.
Tool uses private keys found in database of victims.Please note: this blog post was written in August 2014 and refers to a particular kind of encryption-ransomware that was active… https://www.virusbulletin.com/blog/2014/08/researchers-release-cryptolocker-decryption-tool/

Researchers crack ransomware encryption

'Bitcrypt' authors confused their bytes and digits.
'Bitcrypt' authors confused their bytes and digits. Two French researchers have found a serious vulnerability in a new piece of ransomware that has allowed them to crack the keys… https://www.virusbulletin.com/blog/2014/02/researchers-crack-ransomware-encryption/

Browser-based ransomware uses scare tactics to extort money

Unsophisticated scam shows the high level of commoditization of today's cybercrime.
Unsophisticated scam shows the high level of commoditization of today's cybercrime. A case of browser-based ransomware, that is currently using social engineering tactics in an… https://www.virusbulletin.com/blog/2014/01/browser-based-ransomware-uses-scare-tactics-extort-money/

NCA issues alert on CryptoLocker ransomware

Malware demands $1,000 ransom to decrypt files.
Malware demands $1,000 ransom to decrypt files. This weekend, the UK's National Crime Agency (NCA) issued an alert about the 'CryptoLocker' ransomware - following a similar alert… https://www.virusbulletin.com/blog/2013/11/nca-issues-alert-cryptolocker-ransomware/

VB2012 last-minute papers announced

Hot topics to be covered at VB conference in Dallas.
Hot topics to be covered at VB conference in Dallas. For the last six years, VB has set aside a section of the VB conference for 'last-minute' papers, the idea being that… https://www.virusbulletin.com/blog/2012/09/last-minute-papers-announced/

Gach do bonn a mbaineann a chur chugainn

Why cybercriminals may have a reason for using Irish language in a ransomware scam.
Why cybercriminals may have a reason for using Irish language in a ransomware scam. According to a story that made the security headlines this weekend, and which seems to orginate… https://www.virusbulletin.com/blog/2012/09/gach-do-bonn-mbaineann-chur-chugainn/

Ransom trojan demands Windows re-activation

Criminals make money through calls to supposedly free phone number.
Criminals make money through calls to supposedly free phone number. A new piece of ransomware has been discovered that shows the PC user a blue screen and asks them to re-activate… https://www.virusbulletin.com/blog/2011/04/ransom-trojan-demands-windows-re-activation/

Malicious applications target Orkut

Visitors to infected social network profiles redirected to phishing sites.
Visitors to infected social network profiles redirected to phishing sites. Users of the social networking site Orkut have found themselves targeted by malicious applications that… https://www.virusbulletin.com/blog/2010/11/malicious-applications-target-orkut/

File encryption blackmail scam returns

Kaspersky warns of new and nasty data-ransom trojan.
Kaspersky warns of new and nasty data-ransom trojan. Malware analysts at Kaspersky Lab have warned of the return of the 'Gpcoder' trojan, a nasty piece of 'ransomware' which… https://www.virusbulletin.com/blog/2008/06/file-encryption-blackmail-scam-returns/

Monster haul of data reaped from job site

Trojan gathers 1.6 million sets of jobseeker records.
Trojan gathers 1.6 million sets of jobseeker records. Researchers at Symantec have reported discovering a server carrying 1.6 million entries from the popular jobseeking website… https://www.virusbulletin.com/blog/2007/08/monster-haul-data-reaped-job-site/

Ransomware returns

Trojan hides personal data, demands money with menaces.
Trojan hides personal data, demands money with menaces. A new version of a ransomware trojan has been sighted, recalling the warnings of two years ago when similar items first… https://www.virusbulletin.com/blog/2007/07/ransomware-returns/

« Previous 12 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.