VB Blog

48 hours after initial reports, many mysteries remain around the latest ransomware/wiper threat

Posted by   Martijn Grooten on   Jun 29, 2017

Whether you call it Petya, NotPetya, Nyetya or Petna, there are still many mysteries surrounding the malware that has been causing havoc around the world.

Read more  

VB2017 Early Bird discount to expire this week

Posted by   Martijn Grooten on   Jun 28, 2017

This week, the Early Bird discount for VB2017 comes to an end - so, for a 10% saving on the cost of full price registration, make sure you register now!

Read more  

VB2016 paper: Steam stealers: it's all fun and games until someone's account gets hijacked

Posted by   Martijn Grooten on   Jun 23, 2017

Last year, Kaspersky Lab researcher Santiago Pontiroli and PwC's Bart Parys presented a VB2016 paper analysing the malicious threats faced by users of the Steam online gaming platform, and highlighting how organized criminals are making money with these profitable schemes. Today, we publish the paper.

Read more  

Research paper shows it may be possible to distinguish malware traffic using TLS

Posted by   Martijn Grooten on   Jun 22, 2017

Researchers at Cisco have published a paper describing how it may be possible to use machine learning to distinguish malware command-and-control traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C&C traffic.

Read more  

Is CVE-2017-0199 the new CVE-2012-0158?

Posted by   Martijn Grooten on   Jun 20, 2017

After five years of exploitation in a wide variety of attacks, CVE-2012-0158 may have found a successor in CVE-2017-0199, which is taking the Office exploit scene by storm.

Read more  

Review: BSides London 2017

Posted by   Martijn Grooten on   Jun 19, 2017

Virus Bulletin was a proud sponsor of BSides London 2017 - Martijn Grooten reports on a great event.

Read more  

VB2017: one of the most international security conferences

Posted by   Martijn Grooten on   Jun 15, 2017

It is well known that the problem of cybersecurity is a global one that affects users worldwide - but it's also one that has some unique local flavours. With speakers representing at least 24 countries, VB2017 is one of the most international security conferences on the circuit, allowing attendees to hear the viewpoints of experts from around the world. Register before 1 July and receive a 10% Early Bird discount.

Read more  

VB2016 paper: Diving into Pinkslipbot's latest campaign

Posted by   Martijn Grooten on   Jun 12, 2017

Qakbot or Qbot, is a banking trojan that makes the news every once in a while and was the subject of a VB2016 paper by Intel Security researchers Sanchit Karve, Guilherme Venere and Mark Olea. In it, they provided a detailed analysis of the Pinkslipbot/Qakbot trojan and its then latest campaign. Their full paper is now available to download or read online.

Read more  

Book review: Spam: A Shadow History of the Internet

Posted by   Martijn Grooten on   Jun 2, 2017

VB Editor Martijn Grooten reviews Finn Brunton's book 'Spam: A Shadow History of the Internet'.

Read more  

Virus Bulletin to sponsor BSides London

Posted by   Martijn Grooten on   Jun 1, 2017

Virus Bulletin is proud to be a Silver sponsor of BSides London next week; we look forward to the event and to meeting many security professionals.

Read more  
Previous1...3435363738...215Next

Search blog

Throwback Thursday: Malware taking a bit(coin) more than we bargained for

This Throwback Thursday, we republish the VB2012 paper by Microsoft researcher Amir Fouda, one of the earliest papers to look at malware targeting Bitcoin.
In late spring of 2011, a sudden rise in the price of Bitcoin – reaching almost US$30, up from less than $1 barely a month earlier – attracted the attention of malware authors.… https://www.virusbulletin.com/blog/2018/02/throwback-thursday-malware-taking-bitcoin-more-we-bargained/

Meltdown and Spectre attacks mitigated by operating system updates

Just four days into the new year, two serious attacks in modern processors, dubbed Meltdown and Spectre, have been discovered. The attacks can be mitigated by patches to the operating system, but anti-virus software vendors need to make sure their product…
We wish all our readers a very happy and very secure 2018! The latter part will not come without some serious work though. We are not even four days into the new year and we… https://www.virusbulletin.com/blog/2018/01/meltdown-and-spectre-attacks-mitigated-operating-system-updates/

VB2017 preview: Stuck between a ROC and a hard place

We preview the VB2017 paper by Microsoft's Holly Stewart and Joe Blackbird, which uses data about users switching anti-virus provider to decide whether machine-learning models should favour avoiding false positives over false negatives.
Authors of security software in general, and anti-virus software in particular, have always needed to find the right balance between a high detection rate and a low false positive… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-stuck-between-roc-and-hard-place/

A look at the VB2016 sponsors

More than a dozen companies and organizations are lending their support to VB2016 as conference sponsors and supporting organizations.
Today, we are exactly one month away from the start of VB2016, the 26th Virus Bulletin International Conference, which is to take place 5-7 October in Denver, Colorado. We thought… https://www.virusbulletin.com/blog/2016/september/look-vb2016-sponsors/

Paper: Windows 10 patching process may leave enterprises vulnerable to zero-day attacks

Aryeh Goretsky gives advice on how to adapt to Windows 10's patching strategy.
Aryeh Goretsky gives advice on how to adapt to Windows 10's patching strategy. Patching is hard, especially when the code base is old and the bugs are buried deeply. This was… https://www.virusbulletin.com/blog/2015/03/paper-windows-10-patching-process-may-leave-enterprises-vulnerable-zero-day-attacks/

Microsoft no longer publishes advance notifications for its Patch Tuesdays

Company unhappy with Google going full disclosure on privilege escalation vulnerability.
Company unhappy with Google going full disclosure on privilege escalation vulnerability. Tomorrow is the second Tuesday of the month and, as most people reading this blog will… https://www.virusbulletin.com/blog/2015/01/microsoft-no-longer-publishes-advance-notifications-its-patch-tuesdays/

Out-of-band patch released for all Windows versions

Kerberos bug means one set of credentials suffices to rule them all.
Kerberos bug means one set of credentials suffices to rule them all. If you are a Windows systems administrator, the content of this blog post will (hopefully) not come as a… https://www.virusbulletin.com/blog/2014/11/out-band-patch-released-all-windows-versions/

VB2014 paper: DMARC - how to use it to improve your email reputation

Terry Zink presents case study in which he describes setting a DMARC policy for Microsoft.
Terry Zink presents case study in which he describes setting a DMARC policy for Microsoft.Over the next few months, we will be sharing VB2014 conference papers as well as video… https://www.virusbulletin.com/blog/2014/11/paper-dmarc-how-use-it-improve-your-email-reputation/

Windows Error Reporting used to discover new attacks

No excuse for sending error reports in cleartext.
No excuse for sending error reports in cleartext. All happy programs are the same. But each unhappy program crashes in its own way. In a report published yesterday, security firm… https://www.virusbulletin.com/blog/2014/02/windows-error-reporting-used-discover-new-attacks/

VirusTotal support integrated into new version of Process Explorer

Sysadmins can check hashes of processes against file-checking service database.
Sysadmins can check hashes of processes against file-checking service database.Microsoft and Google are known for their fierce competition, but when it comes to security, the tech… https://www.virusbulletin.com/blog/2014/01/virustotal-support-integrated-new-version-process-explorer/

Privilege escalation vulnerability targets Windows XP and Server 2003

Vulnerability being used in the wild in combination with exploit of patched Adobe Reader vulnerability.
Vulnerability being used in the wild in combination with exploit of patched Adobe Reader vulnerability. Researchers at FireEye have discovered a new privilege escalation… https://www.virusbulletin.com/blog/2013/11/privilege-escalation-vulnerability-targets-windows-xp-and-server-2003/

Good and bad news for victims of targeted attacks against Microsoft products

Bug bounty program extended; TIFF zero-day used in the wild.
Bug bounty program extended; TIFF zero-day used in the wild. This week, Microsoft has good news and bad news for those targeted by zero-day exploits in its products. The bad… https://www.virusbulletin.com/blog/2013/11/good-and-bad-news-victims-targeted-attacks-against-microsoft-products/

Should software vendors extend support for their products on Windows XP?

Is Google making the Internet more or less secure by extending support for Chrome on XP?
Is Google making the Internet more or less secure by extending support for Chrome on XP? A software vendor's decision to release updates to its product is generally seen as a good… https://www.virusbulletin.com/blog/2013/10/should-software-vendors-extend-support-their-products-windows-xp/

Microsoft releases advisory offering workarounds for IE vulnerability

German government advises users to use alternative browser.
German government advises users to use alternative browser.Microsoft has released a security advisory to address the zero-day vulnerability in its Internet Explorer browser that we… https://www.virusbulletin.com/blog/2012/09/microsoft-releases-advisory-offering-workarounds-ie-vulnerability/

Microsoft to publish security bulletins in CVRF format

Standard will streamline process of reviewing patches.
Standard will streamline process of reviewing patches. Software giant Microsoft has announced that it has started to publish its monthly security bulletins in the CVRF format.… https://www.virusbulletin.com/blog/2012/05/microsoft-publish-security-bulletins-cvrf-format/

Hefty Patch Tuesday bulletin rounds off bumper year

No sign of an end to vulnerability glut.
No sign of an end to vulnerability glut.Microsoft released its monthly Patch Tuesday security bulletin yesterday, with details of a hefty 17 alerts covering 40 separate… https://www.virusbulletin.com/blog/2010/12/hefty-patch-tuesday-bulletin-rounds-bumper-year/

Security fixes from Apple and Microsoft

100 security fixes in latest OS X update; three MS security updates in this month's patch release.
100 security fixes in latest OS X update; three MS security updates in this month's patch release. The latest release of Mac operating system OS X (Mac OS X v10.6.5) contains over… https://www.virusbulletin.com/blog/2010/11/security-fixes-apple-and-microsoft/

Microsoft's machines hijacked by spammers

Servers also used for DoS attack on security journalist's site.
Servers also used for DoS attack on security journalist's site. More than a thousand websites pushing spamvertised pharmaceuticals have been found to be using name servers on… https://www.virusbulletin.com/blog/2010/10/microsoft-s-machines-hijacked-spammers/

Giant patch release from Microsoft, Oracle

Record Patch Tuesday combines with swathe of extra fixes for corporates.
Record Patch Tuesday combines with swathe of extra fixes for corporates. It's a busy week for corporate admins as Microsoft's monthly Patch Tuesday security bulletin, containing a… https://www.virusbulletin.com/blog/2010/10/giant-patch-release-microsoft-oracle/

Microsoft releases new fix for DLL vulnerability

Earlier workaround believed to be too complex for most users.
Earlier workaround believed to be too complex for most users. A week after Microsoft released a fix for a DLL vulnerability that affected a large number of programs running on its… https://www.virusbulletin.com/blog/2010/09/microsoft-releases-new-fix-dll-vulnerability/

« Previous 1234 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.