VB Blog

FREAK attack takes HTTPS connections back to 1990s security

Posted by   Virus Bulletin on   Mar 4, 2015

Golden keys from the (first) crypto wars have come back to haunt us.

Read more  

TorrentLocker spam has DMARC enabled

Posted by   Virus Bulletin on   Mar 2, 2015

Use of email authentication technique unlikely to bring any advantage.

Read more  

Paper: Script in a lossy stream

Posted by   Virus Bulletin on   Mar 2, 2015

Dénes Óvári explains how to store code in lossily compressed JPEG data.

Read more  

M3AAWG releases BCP document on dealing with child sexual abuse material

Posted by   Virus Bulletin on   Feb 27, 2015

Subject may make many feel uncomfortable, but it is essential that we know how to deal with it.

Read more  

VB2014 paper: Caphaw - the advanced persistent pluginer

Posted by   Virus Bulletin on   Feb 27, 2015

Micky Pun and Neo Tan analyse the banking trojan that is best known for spreading through Skype.

Read more  

Coordinated action takes down Ramnit botnet infrastructure

Posted by   Virus Bulletin on   Feb 26, 2015

Malware remains present on infected machines; 2012 Virus Bulletin paper worth studying.

Read more  

Hacker group takes over Lenovo's DNS

Posted by   Virus Bulletin on   Feb 26, 2015

As emails were sent to wrong servers, DNSSEC might be worth looking into.

Read more  

Almost 50% increase in reported vulnerabilities as non-Windows operating systems lead the table

Posted by   Virus Bulletin on   Feb 25, 2015

Each discovered vulnerability is actually a good news story.

Read more  

Vawtrak trojan spread through malicious Office macros

Posted by   Virus Bulletin on   Feb 24, 2015

Users easily tricked, but plenty of opportunity for the malware to be blocked.

Read more  

Lenovo laptops pre-installed with software that adds its own root CA certificate

Posted by   Virus Bulletin on   Feb 20, 2015

Shared root certificate makes for easy man-in-the-middle attacks.

Read more  
Previous1...5758596061...215Next

Search blog

The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned

Malicious apps may have more privileges than security software.
Malicious apps may have more privileges than security software. There are many people without whom a Virus Bulletin conference wouldn't be possible: the VB team, the crew from Cue… https://www.virusbulletin.com/blog/2014/10/presentation-you-never-saw-early-launch-android-malware-your-phone-0wned/

Crypto blunder makes TorrentLocker easy to crack

Use of single XOR key leaves ransomware open to known-plaintext attack.
Use of single XOR key leaves ransomware open to known-plaintext attack. It has been said many times before: cryptography is hard. Earlier this year, the authors of the 'Bitcrypt'… https://www.virusbulletin.com/blog/2014/09/crypto-blunder-makes-torrentlocker-easy-crack/

Researchers release CryptoLocker decryption tool

Tool uses private keys found in database of victims.
Tool uses private keys found in database of victims.Please note: this blog post was written in August 2014 and refers to a particular kind of encryption-ransomware that was active… https://www.virusbulletin.com/blog/2014/08/researchers-release-cryptolocker-decryption-tool/

Researchers crack ransomware encryption

'Bitcrypt' authors confused their bytes and digits.
'Bitcrypt' authors confused their bytes and digits. Two French researchers have found a serious vulnerability in a new piece of ransomware that has allowed them to crack the keys… https://www.virusbulletin.com/blog/2014/02/researchers-crack-ransomware-encryption/

Browser-based ransomware uses scare tactics to extort money

Unsophisticated scam shows the high level of commoditization of today's cybercrime.
Unsophisticated scam shows the high level of commoditization of today's cybercrime. A case of browser-based ransomware, that is currently using social engineering tactics in an… https://www.virusbulletin.com/blog/2014/01/browser-based-ransomware-uses-scare-tactics-extort-money/

NCA issues alert on CryptoLocker ransomware

Malware demands $1,000 ransom to decrypt files.
Malware demands $1,000 ransom to decrypt files. This weekend, the UK's National Crime Agency (NCA) issued an alert about the 'CryptoLocker' ransomware - following a similar alert… https://www.virusbulletin.com/blog/2013/11/nca-issues-alert-cryptolocker-ransomware/

VB2012 last-minute papers announced

Hot topics to be covered at VB conference in Dallas.
Hot topics to be covered at VB conference in Dallas. For the last six years, VB has set aside a section of the VB conference for 'last-minute' papers, the idea being that… https://www.virusbulletin.com/blog/2012/09/last-minute-papers-announced/

Gach do bonn a mbaineann a chur chugainn

Why cybercriminals may have a reason for using Irish language in a ransomware scam.
Why cybercriminals may have a reason for using Irish language in a ransomware scam. According to a story that made the security headlines this weekend, and which seems to orginate… https://www.virusbulletin.com/blog/2012/09/gach-do-bonn-mbaineann-chur-chugainn/

Ransom trojan demands Windows re-activation

Criminals make money through calls to supposedly free phone number.
Criminals make money through calls to supposedly free phone number. A new piece of ransomware has been discovered that shows the PC user a blue screen and asks them to re-activate… https://www.virusbulletin.com/blog/2011/04/ransom-trojan-demands-windows-re-activation/

Malicious applications target Orkut

Visitors to infected social network profiles redirected to phishing sites.
Visitors to infected social network profiles redirected to phishing sites. Users of the social networking site Orkut have found themselves targeted by malicious applications that… https://www.virusbulletin.com/blog/2010/11/malicious-applications-target-orkut/

File encryption blackmail scam returns

Kaspersky warns of new and nasty data-ransom trojan.
Kaspersky warns of new and nasty data-ransom trojan. Malware analysts at Kaspersky Lab have warned of the return of the 'Gpcoder' trojan, a nasty piece of 'ransomware' which… https://www.virusbulletin.com/blog/2008/06/file-encryption-blackmail-scam-returns/

Monster haul of data reaped from job site

Trojan gathers 1.6 million sets of jobseeker records.
Trojan gathers 1.6 million sets of jobseeker records. Researchers at Symantec have reported discovering a server carrying 1.6 million entries from the popular jobseeking website… https://www.virusbulletin.com/blog/2007/08/monster-haul-data-reaped-job-site/

Ransomware returns

Trojan hides personal data, demands money with menaces.
Trojan hides personal data, demands money with menaces. A new version of a ransomware trojan has been sighted, recalling the warnings of two years ago when similar items first… https://www.virusbulletin.com/blog/2007/07/ransomware-returns/

« Previous 12 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.