VB Blog

Cybercriminals frustrated with botnet trackers

Posted by   Virus Bulletin on   Mar 10, 2011

Drastic measures discussed by users of online forum.

Read more  

ENISA calls for revised botnet measurements

Posted by   Virus Bulletin on   Mar 9, 2011

EU agency says current measures of botnet threat are misleading.

Read more  

Spammers exploit internationalized domain names

Posted by   Virus Bulletin on   Mar 3, 2011

Non-Latin characters in URLs used to trick filters.

Read more  

Google acquires Zynamics

Posted by   Virus Bulletin on   Mar 2, 2011

Internet giant buys into security.

Read more  

March issue of VB published

Posted by   Virus Bulletin on   Mar 1, 2011

The March issue of Virus Bulletin is now available for subscribers to download.

Read more  

Welsh 419 scam

Posted by   Virus Bulletin on   Feb 23, 2011

Email from Welsh-speaking Kuwaiti widow indicative of more targeted spam.

Read more  

Dutch most protected Europeans online

Posted by   Virus Bulletin on   Feb 9, 2011

Bulgarians most likely to have become infected; financial losses most prevalent among Latvians.

Read more  

Mrs Mubarak's IP addresses used by spammers

Posted by   Virus Bulletin on   Feb 1, 2011

Spammers finding new ways to obtain non-blacklisted addresses.

Read more  

February issue of VB published

Posted by   Virus Bulletin on   Feb 1, 2011

The February issue of Virus Bulletin is now available for subscribers to download.

Read more  

UK government sites warned to brace against attack

Posted by   Virus Bulletin on   Jan 28, 2011

GovCertUK issues warning in aftermath of arrests of Anonymous gang members.

Read more  
Previous1...979899100101...215Next

Search blog

Free VB2019 tickets for students

Virus Bulletin is excited to announce that, thanks to generous sponsorship from Google Android, we are able to offer 20 free tickets to students who want to attend VB2019.
Update 02 August 2019: Applications for free student tickets have now closed. Virus Bulletin is excited to announce that, thanks to generous sponsorship from Google Android, we… https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/

VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis library

Today, we publish a VB2018 paper by Google researcher Maddie Stone in which she looks at one of the most interesting anti-analysis native libraries in the Android ecosystem. We also release the recording of Maddie's presentation.
Though still relatively new (the first VB conference paper on Android malware was presented in 2011), malware targeting the Android mobile operating system has evolved quickly, in… https://www.virusbulletin.com/blog/2019/01/vb2018-paper-unpacking-packed-unpacker-reversing-android-anti-analysis-library/

VB2018 video: Triada: the past, the present and the (hopefully not existing) future

Today we publish the video of the VB2018 presentation by Google researcher Lukasz Siewierski on the Triada Android malware and Google's work with OEMs to remove it from infected devices.
From NotPetya to Shadowpad, supply chain attacks have become a serious and hard-to-fight security problem. One prominent type of supply chain attack involves the pre-installation… https://www.virusbulletin.com/blog/2018/11/vb2018-video-triada-past-present-and-hopefully-not-existing-future/

VB2018 preview: Unpacking the packed unpacker: reversing an Android anti-analysis library

At VB2018, Google researcher Maddie Stone will present an analysis of the multi-layered 'WeddingCake' anti-analysis library used by many Android malware families.
Seven years ago, the first VB conference paper on Android malware looked at what was then a new, but growing trend. Since then both the threat and the research community have… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-unpacking-packed-unpacker-reversing-android-anti-analysis-library/

Subtle change could see a reduction in installation of malicious Chrome extensions

Google has made a subtle change to its Chrome browser, banning the inline installation of new extensions, thus making it harder for malware authors to trick users into unwittingly installing malicious extensions.
As modern browsers have become harder to attack, malware authors have found a simple way around this: by working with the browser rather than against it. More particularly, by… https://www.virusbulletin.com/blog/2018/06/subtle-change-could-see-reduction-installation-malicious-chrome-extensions/

VB2017 paper: VirusTotal tips, tricks and myths

At VB2017 in Madrid, security researcher Randy Abrams presented an overview of the VirusTotal service and then went on to bust several of the persistent myths that surround it. Today we publish both Randy's paper and the recording of his presentation.
In a surprise announcement, Google's parent company Alphabet has introduced Chronicle, a threat intelligence offering in which Google-owned VirusTotal will play an important role.… https://www.virusbulletin.com/blog/2018/01/vb2017-paper-virustotal-tips-tricks-and-myths/

Tizi Android malware highlights the importance of security patches for high-risk users

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.
A well-known security researcher once said: "if you purposely choose Android you are either Poor, Cheap, or really hate Apple." Android has a bad reputation in security… https://www.virusbulletin.com/blog/2017/11/tizi-android-malware-highlights-importance-security-patches-high-risk-users/

WireX DDoS botnet takedown shows the best side of the security industry

Collaboration between a number of security companies has led to the takedown of the WireX Android DDoS botnet. Efforts like these, and the fact that the companies involved all decided to publish the very same blog post, show the best side of the security …
It is easy to be cynical about the security industry and its tendency to make ever bigger mountains out of molehills, but behind a thin layer of marketing, there are a great many… https://www.virusbulletin.com/blog/2017/08/wirex-ddos-botnet-takedown-shows-best-side-security-industry/

The SHA-1 hashing algorithm has been 'shattered'

Researchers from Google and CWI Amsterdam have created the first known collision of the SHA-1 hashing algorithm, making a very strong case to ditch it.
Researchers from Google and CWI Amsterdam have created the first publicly known SHA-1 collision. SHA-1 is a hashing algorithm: it turns data of arbitrary size (such as a string… https://www.virusbulletin.com/blog/2017/02/sha-1-hashing-algorithm-has-been-shattered/

VB2015 video: Making a dent in Russian mobile banking phishing

Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks.
Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks. In the last few years, mobile malware has evolved from a mostly… https://www.virusbulletin.com/blog/2015/12/video-making-dent-russian-mobile-banking-phishing/

Google 'suspends' CNNIC from Chrome's certificate store

Chinese certificate authority told to re-apply.
Chinese certificate authority told to re-apply. When a web client, such as a browser, attempts to make an HTTPS connection, it needs to know that no man-in-the-middle attack is… https://www.virusbulletin.com/blog/2015/04/google-suspends-cnnic-chrome-s-certificate-store/

Google relaxes disclosure policy following criticism

Grace period added for vulnerabilities that are about to be patched.
Grace period added for vulnerabilities that are about to be patched. Last year, Google announced a new disclosure policy, where details of a vulnerability discovered by the… https://www.virusbulletin.com/blog/2015/02/google-relaxes-disclosure-policy-following-criticism/

Microsoft no longer publishes advance notifications for its Patch Tuesdays

Company unhappy with Google going full disclosure on privilege escalation vulnerability.
Company unhappy with Google going full disclosure on privilege escalation vulnerability. Tomorrow is the second Tuesday of the month and, as most people reading this blog will… https://www.virusbulletin.com/blog/2015/01/microsoft-no-longer-publishes-advance-notifications-its-patch-tuesdays/

POODLE attack forces the Internet to move away from SSL 3.0

Users and administrators urged to stop supporting the protocol, or at least to prevent downgrade attacks.
Users and administrators urged to stop supporting the protocol, or at least to prevent downgrade attacks. After Heartbleed and Shellshock, or the SSL/TLS attacks CRIME and BEAST,… https://www.virusbulletin.com/blog/2014/10/poodle-attack-forces-internet-move-away-ssl-3-0/

Google's Project Zero to hunt for zero-days

Bugs to be reported to the vendor only, and to become public once patched.
Bugs to be reported to the vendor only, and to become public once patched.Google has created a new team, called Project Zero, whose task is to find vulnerabilities in any kind of… https://www.virusbulletin.com/blog/2014/07/google-s-project-zero-hunt-zero-days/

OpenSSL vulnerability lets attackers quietly steal servers' private keys

Security firm advises regenerating keys and replacing certificates on vulnerable servers.
Security firm advises regenerating keys and replacing certificates on vulnerable servers. A very serious vulnerability in OpenSSL has caused panic among network administrators:… https://www.virusbulletin.com/blog/2014/04/openssl-vulnerability-lets-attackers-quietly-steal-servers-private-keys/

VirusTotal support integrated into new version of Process Explorer

Sysadmins can check hashes of processes against file-checking service database.
Sysadmins can check hashes of processes against file-checking service database.Microsoft and Google are known for their fierce competition, but when it comes to security, the tech… https://www.virusbulletin.com/blog/2014/01/virustotal-support-integrated-new-version-process-explorer/

Should software vendors extend support for their products on Windows XP?

Is Google making the Internet more or less secure by extending support for Chrome on XP?
Is Google making the Internet more or less secure by extending support for Chrome on XP? A software vendor's decision to release updates to its product is generally seen as a good… https://www.virusbulletin.com/blog/2013/10/should-software-vendors-extend-support-their-products-windows-xp/

Weak cryptography keys allow others to add valid DKIM signatures to fake emails

512-bit key cracked within 72 hours.
512-bit key cracked within 72 hours. A Florida-based mathematician has caused a stir in the email community by adding a valid DKIM signature for google.com to an email after… https://www.virusbulletin.com/blog/2012/10/weak-cryptography-keys-allow-others-add-valid-dkim-signatures-fake-emails/

Spammers using Google open redirect

Vulnerability 'not worthy of bug bounty program'.
Vulnerability 'not worthy of bug bounty program'. Researchers at Solera Labs have discovered spammers using an open redirect at Google to hide the final destination of their link… https://www.virusbulletin.com/blog/2011/12/spammers-using-google-open-redirect/

« Previous 123 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.