VB Blog

48 hours after initial reports, many mysteries remain around the latest ransomware/wiper threat

Posted by Martijn Grooten on Jun 29, 2017

Whether you call it Petya, NotPetya, Nyetya or Petna, there are still many mysteries surrounding the malware that has been causing havoc around the world.

Posted by Martijn Grooten on Jun 28, 2017

This week, the Early Bird discount for VB2017 comes to an end - so, for a 10% saving on the cost of full price registration, make sure you register now!

Posted by Martijn Grooten on Jun 23, 2017

Last year, Kaspersky Lab researcher Santiago Pontiroli and PwC's Bart Parys presented a VB2016 paper analysing the malicious threats faced by users of the Steam online gaming platform, and highlighting how organized criminals are making money with these profitable schemes. Today, we publish the paper.

Posted by Martijn Grooten on Jun 22, 2017

Researchers at Cisco have published a paper describing how it may be possible to use machine learning to distinguish malware command-and-control traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C&C traffic.

Posted by Martijn Grooten on Jun 20, 2017

After five years of exploitation in a wide variety of attacks, CVE-2012-0158 may have found a successor in CVE-2017-0199, which is taking the Office exploit scene by storm.

Posted by Martijn Grooten on Jun 19, 2017

Virus Bulletin was a proud sponsor of BSides London 2017 - Martijn Grooten reports on a great event.

Posted by Martijn Grooten on Jun 15, 2017

It is well known that the problem of cybersecurity is a global one that affects users worldwide - but it's also one that has some unique local flavours. With speakers representing at least 24 countries, VB2017 is one of the most international security conferences on the circuit, allowing attendees to hear the viewpoints of experts from around the world. Register before 1 July and receive a 10% Early Bird discount.

Posted by Martijn Grooten on Jun 12, 2017

Qakbot or Qbot, is a banking trojan that makes the news every once in a while and was the subject of a VB2016 paper by Intel Security researchers Sanchit Karve, Guilherme Venere and Mark Olea. In it, they provided a detailed analysis of the Pinkslipbot/Qakbot trojan and its then latest campaign. Their full paper is now available to download or read online.

Posted by Martijn Grooten on Jun 2, 2017

VB Editor Martijn Grooten reviews Finn Brunton's book 'Spam: A Shadow History of the Internet'.

Posted by Martijn Grooten on Jun 1, 2017

Virus Bulletin is proud to be a Silver sponsor of BSides London next week; we look forward to the event and to meeting many security professionals.

Previous1...3435363738...215Next

Search blog

Patch Tuesday released closely followed by emergency update

Bumper crop of patches plus further fix leave known holes open.
Bumper crop of patches plus further fix leave known holes open. This month's 'Patch Tuesday' security bulletin from Microsoft contained eight separate updates, two more than… https://www.virusbulletin.com/blog/2008/12/patch-tuesday-released-closely-followed-emergency-update/

Worm targets MS08-067 vulnerability

Exploit attack patches flaw once system penetrated.
Exploit attack patches flaw once system penetrated. A worm has been seen taking advantage of the vulnerability in Microsoft's Windows Server Service, patched out-of-cycle last… https://www.virusbulletin.com/blog/2008/12/worm-targets-ms08-067-vulnerability/

Microsoft to replace OneCare with free AV product

OneCare retirement announced, new product will be lighter on systems and pockets.
OneCare retirement announced, new product will be lighter on systems and pockets.Microsoft has announced plans to put an end to its home-user security product Live OneCare, and to… https://www.virusbulletin.com/blog/2008/11/microsoft-replace-onecare-free-av-product/

Two updates in Microsoft's November's patch release

Just two updates released by Microsoft this month: one rated critical, one important.
Just two updates released by Microsoft this month: one rated critical, one important.Microsoft has issued two updates in the November round of its monthly patch release cycle, one… https://www.virusbulletin.com/blog/2008/11/two-updates-microsoft-s-november-s-patch-release/

Microsoft issues emergency patch

Out-of-cycle update fixes serious, wormable flaw.
Out-of-cycle update fixes serious, wormable flaw.Microsoft has issued an emergency update to cover a serious vulnerability in the Windows Server service, breaking its usual monthly… https://www.virusbulletin.com/blog/2008/10/microsoft-issues-emergency-patch/

Four critical updates this Patch Tuesday

11 updates to be issued by Microsoft in October's monthly patch release: 4 critical.
11 updates to be issued by Microsoft in October's monthly patch release: 4 critical.Microsoft has prepared a total of 11 updates for the October round of its monthly patch release… https://www.virusbulletin.com/blog/2008/10/four-critical-updates-patch-tuesday/

Four critical updates in Patch Tuesday release

Monthly security update small but vital.
Monthly security update small but vital.Microsoft has released its monthly 'Patch Tuesday' batch of security updates, with only four items on the list but all of them marked… https://www.virusbulletin.com/blog/2008/09/four-critical-updates-patch-tuesday-release/

Patch Tuesday sees serious DNS flaws fixed

Nothing marked critical, but some very important patches issued.
Nothing marked critical, but some very important patches issued.Microsoft's latest 'Patch Tuesday' round of security updates for once contains no bulletins marked as 'critical',… https://www.virusbulletin.com/blog/2008/07/patch-tuesday-sees-serious-dns-flaws-fixed/

Microsoft releases latest Patch Tuesday fixes

7 vulnerabilities, 3 critical, addressed in June security update.
7 vulnerabilities, 3 critical, addressed in June security update.Microsoft has issued its monthly 'Patch Tuesday' set of security fixes, with seven separate areas covered of which… https://www.virusbulletin.com/blog/2008/06/microsoft-releases-latest-patch-tuesday-fixes/

Microsoft increases pressure on Apple to fix Safari blended threat

'Carpet bombing' vulnerability more serious than Apple claims, MS warns.
'Carpet bombing' vulnerability more serious than Apple claims, MS warns.Microsoft, whose Internet Explorer has come under frequent criticism for security vulnerabilities, has… https://www.virusbulletin.com/blog/2008/06/microsoft-increases-pressure-apple-fix-safari-blended-threat/

Latest Patch Tuesday update released

Microsoft announces five 'critical' vulnerabilities need fixing.
Microsoft announces five 'critical' vulnerabilities need fixing.Microsoft has issued its monthly 'Patch Tuesday' security bulletin, with five 'critical' and three 'important'… https://www.virusbulletin.com/blog/2008/04/latest-patch-tuesday-update-released/

Access flaw exploited via Word

Microsoft's employees hunting vulnerabilities instead of Easter eggs.
Microsoft's employees hunting vulnerabilities instead of Easter eggs. A buffer overrun vulnerability in Microsoft's Jet Database Engine, the underlying database behind Microsoft… https://www.virusbulletin.com/blog/2008/03/access-flaw-exploited-word/

Microsoft acquires Komoku

Anti-rootkit software to become part of Forefront and OneCare.
Anti-rootkit software to become part of Forefront and OneCare. Just before Easter, Microsoft announced it had acquired Komoku, a Maryland-based company that builds anti-rootkit… https://www.virusbulletin.com/blog/2008/03/microsoft-acquires-komoku/

Latest Patch Tuesday release

March's Patch Tuesday sees four 'critical' updates.
March's Patch Tuesday sees four 'critical' updates.Microsoft has released its monthly 'Patch Tuesday' security bulletin. This month the bulletin features four 'critical' updates,… https://www.virusbulletin.com/blog/2008/03/latest-patch-tuesday-release/

'Olympic' emails contain malicious XLS attachments

Malware writers sprint to use vulnerabilities before next Patch Tuesday.
Malware writers sprint to use vulnerabilities before next Patch Tuesday. Security researchers have reported seeing emails containing XLS attachments designed to exploit a yet… https://www.virusbulletin.com/blog/2008/03/olympic-emails-contain-malicious-xls-attachments/

IE8 to include malware filtering

New features list includes upgrade to security provision.
New features list includes upgrade to security provision. The next version of Microsoft's Internet Explorer web browser, IE8, could include malware detection as standard, in an… https://www.virusbulletin.com/blog/2008/03/ie8-include-malware-filtering/

Vista SP1 clashing with AV products

Service Pack causing issues for several security suites.
Service Pack causing issues for several security suites.Microsoft has released details of several software products that are known to have problems running in conjunction with… https://www.virusbulletin.com/blog/2008/02/vista-sp1-clashing-av-products/

Microsoft research revives 'friendly worm' ideas

Malware techniques proposed as update-spreading method.
Malware techniques proposed as update-spreading method. A group of Microsoft researchers have put forward proposals to use worm techniques to spread patches and updates across… https://www.virusbulletin.com/blog/2008/02/microsoft-research-revives-friendly-worm-ideas/

Bumper Patch Tuesday short of one patch

Excel remains vulnerable as expected fix is dropped.
Excel remains vulnerable as expected fix is dropped.Microsoft has issued its monthly 'Patch Tuesday' set of security updates, with a larger than usual crop of patches for a variety… https://www.virusbulletin.com/blog/2008/02/bumper-patch-tuesday-short-one-patch/

Live Mail CAPTCHA system bypassed

Spammers use botnet to register accounts on popular free webmail service.
Spammers use botnet to register accounts on popular free webmail service.Spammers have written a program that cracks the CAPTCHAS used by the Windows Live Mail registration system.… https://www.virusbulletin.com/blog/2008/02/live-mail-captcha-system-bypassed/

« Previous 1234 Next »