VB Blog

First sponsors of VB2017 announced

Posted by Martijn Grooten on Mar 6, 2017

We are excited to announce the first five sponsors of VB2017, companies based in Europe, Asia and North America.

Posted by Martijn Grooten on Feb 27, 2017

A recent paper showed that many HTTPS-intercepting security solutions have implemented TLS rather poorly. Does that mean we should avoid such solutions altogether?

Posted by Martijn Grooten on Feb 23, 2017

Researchers from Google and CWI Amsterdam have created the first known collision of the SHA-1 hashing algorithm, making a very strong case to ditch it.

Posted by Helen Martin on Feb 23, 2017

VB was saddened to learn this week of the passing of one of the pioneers of the AV industry, Ross Greenberg. This Throwback Thursday we look back at an interview with Ross in November 1995.

Posted by Martijn Grooten on Feb 20, 2017

Have you analysed a new online threat? Do you know a new way to defend against such threats? Then submit an abstract in the CFP for VB2017!

Posted by Martijn Grooten on Feb 17, 2017

APT reports are great for gaining an understanding of how advanced attack groups operate - however, they can also provide free QA for the threat actors. Today, we publish a VB2016 paper by Gadi Evron (Cymmetria) and Inbar Raz (Perimeter X), who discuss what they think is wrong with many APT reports and what can be done to improve them.

Posted by Martijn Grooten on Feb 14, 2017

Industry veteran Mikko Hyppönen recently urged would-be security researchers to ditch their favourite pop music and listen to security podcasts on their commute to work instead. Virus Bulletin Editor Martijn Grooten shares his favourite security podcasts.

Posted by Martijn Grooten on Feb 10, 2017

In a presentation at VB2016, Patrick Wardle, Director of Research at Synack, discussed the possibilities of Mac malware recording the user via the webcam. Today, we publish the video of Patrick's presentation.

Posted by Martijn Grooten on Feb 9, 2017

Virus Bulletin Editor Martijn Grooten calls for the security community not to forget those most vulnerable in the digital world, including political activists living under oppressive regimes, and victims of abuse.

Posted by Helen Martin on Feb 9, 2017

In early 1991, the world was a troubled place and conflict and violence were being reported globally on a daily basis. With this as a backdrop, the world of "indiscriminate" computer viruses which "victimise in a random and unpredictable manner" seemed relatively trivial to then Editor of VB, Edward Wilding.

Previous1...3738394041...215Next

Search blog

Patch Tuesday released closely followed by emergency update

Bumper crop of patches plus further fix leave known holes open.
Bumper crop of patches plus further fix leave known holes open. This month's 'Patch Tuesday' security bulletin from Microsoft contained eight separate updates, two more than… https://www.virusbulletin.com/blog/2008/12/patch-tuesday-released-closely-followed-emergency-update/

Worm targets MS08-067 vulnerability

Exploit attack patches flaw once system penetrated.
Exploit attack patches flaw once system penetrated. A worm has been seen taking advantage of the vulnerability in Microsoft's Windows Server Service, patched out-of-cycle last… https://www.virusbulletin.com/blog/2008/12/worm-targets-ms08-067-vulnerability/

Microsoft to replace OneCare with free AV product

OneCare retirement announced, new product will be lighter on systems and pockets.
OneCare retirement announced, new product will be lighter on systems and pockets.Microsoft has announced plans to put an end to its home-user security product Live OneCare, and to… https://www.virusbulletin.com/blog/2008/11/microsoft-replace-onecare-free-av-product/

Two updates in Microsoft's November's patch release

Just two updates released by Microsoft this month: one rated critical, one important.
Just two updates released by Microsoft this month: one rated critical, one important.Microsoft has issued two updates in the November round of its monthly patch release cycle, one… https://www.virusbulletin.com/blog/2008/11/two-updates-microsoft-s-november-s-patch-release/

Microsoft issues emergency patch

Out-of-cycle update fixes serious, wormable flaw.
Out-of-cycle update fixes serious, wormable flaw.Microsoft has issued an emergency update to cover a serious vulnerability in the Windows Server service, breaking its usual monthly… https://www.virusbulletin.com/blog/2008/10/microsoft-issues-emergency-patch/

Four critical updates this Patch Tuesday

11 updates to be issued by Microsoft in October's monthly patch release: 4 critical.
11 updates to be issued by Microsoft in October's monthly patch release: 4 critical.Microsoft has prepared a total of 11 updates for the October round of its monthly patch release… https://www.virusbulletin.com/blog/2008/10/four-critical-updates-patch-tuesday/

Four critical updates in Patch Tuesday release

Monthly security update small but vital.
Monthly security update small but vital.Microsoft has released its monthly 'Patch Tuesday' batch of security updates, with only four items on the list but all of them marked… https://www.virusbulletin.com/blog/2008/09/four-critical-updates-patch-tuesday-release/

Patch Tuesday sees serious DNS flaws fixed

Nothing marked critical, but some very important patches issued.
Nothing marked critical, but some very important patches issued.Microsoft's latest 'Patch Tuesday' round of security updates for once contains no bulletins marked as 'critical',… https://www.virusbulletin.com/blog/2008/07/patch-tuesday-sees-serious-dns-flaws-fixed/

Microsoft releases latest Patch Tuesday fixes

7 vulnerabilities, 3 critical, addressed in June security update.
7 vulnerabilities, 3 critical, addressed in June security update.Microsoft has issued its monthly 'Patch Tuesday' set of security fixes, with seven separate areas covered of which… https://www.virusbulletin.com/blog/2008/06/microsoft-releases-latest-patch-tuesday-fixes/

Microsoft increases pressure on Apple to fix Safari blended threat

'Carpet bombing' vulnerability more serious than Apple claims, MS warns.
'Carpet bombing' vulnerability more serious than Apple claims, MS warns.Microsoft, whose Internet Explorer has come under frequent criticism for security vulnerabilities, has… https://www.virusbulletin.com/blog/2008/06/microsoft-increases-pressure-apple-fix-safari-blended-threat/

Latest Patch Tuesday update released

Microsoft announces five 'critical' vulnerabilities need fixing.
Microsoft announces five 'critical' vulnerabilities need fixing.Microsoft has issued its monthly 'Patch Tuesday' security bulletin, with five 'critical' and three 'important'… https://www.virusbulletin.com/blog/2008/04/latest-patch-tuesday-update-released/

Access flaw exploited via Word

Microsoft's employees hunting vulnerabilities instead of Easter eggs.
Microsoft's employees hunting vulnerabilities instead of Easter eggs. A buffer overrun vulnerability in Microsoft's Jet Database Engine, the underlying database behind Microsoft… https://www.virusbulletin.com/blog/2008/03/access-flaw-exploited-word/

Microsoft acquires Komoku

Anti-rootkit software to become part of Forefront and OneCare.
Anti-rootkit software to become part of Forefront and OneCare. Just before Easter, Microsoft announced it had acquired Komoku, a Maryland-based company that builds anti-rootkit… https://www.virusbulletin.com/blog/2008/03/microsoft-acquires-komoku/

Latest Patch Tuesday release

March's Patch Tuesday sees four 'critical' updates.
March's Patch Tuesday sees four 'critical' updates.Microsoft has released its monthly 'Patch Tuesday' security bulletin. This month the bulletin features four 'critical' updates,… https://www.virusbulletin.com/blog/2008/03/latest-patch-tuesday-release/

'Olympic' emails contain malicious XLS attachments

Malware writers sprint to use vulnerabilities before next Patch Tuesday.
Malware writers sprint to use vulnerabilities before next Patch Tuesday. Security researchers have reported seeing emails containing XLS attachments designed to exploit a yet… https://www.virusbulletin.com/blog/2008/03/olympic-emails-contain-malicious-xls-attachments/

IE8 to include malware filtering

New features list includes upgrade to security provision.
New features list includes upgrade to security provision. The next version of Microsoft's Internet Explorer web browser, IE8, could include malware detection as standard, in an… https://www.virusbulletin.com/blog/2008/03/ie8-include-malware-filtering/

Vista SP1 clashing with AV products

Service Pack causing issues for several security suites.
Service Pack causing issues for several security suites.Microsoft has released details of several software products that are known to have problems running in conjunction with… https://www.virusbulletin.com/blog/2008/02/vista-sp1-clashing-av-products/

Microsoft research revives 'friendly worm' ideas

Malware techniques proposed as update-spreading method.
Malware techniques proposed as update-spreading method. A group of Microsoft researchers have put forward proposals to use worm techniques to spread patches and updates across… https://www.virusbulletin.com/blog/2008/02/microsoft-research-revives-friendly-worm-ideas/

Bumper Patch Tuesday short of one patch

Excel remains vulnerable as expected fix is dropped.
Excel remains vulnerable as expected fix is dropped.Microsoft has issued its monthly 'Patch Tuesday' set of security updates, with a larger than usual crop of patches for a variety… https://www.virusbulletin.com/blog/2008/02/bumper-patch-tuesday-short-one-patch/

Live Mail CAPTCHA system bypassed

Spammers use botnet to register accounts on popular free webmail service.
Spammers use botnet to register accounts on popular free webmail service.Spammers have written a program that cracks the CAPTCHAS used by the Windows Live Mail registration system.… https://www.virusbulletin.com/blog/2008/02/live-mail-captcha-system-bypassed/

« Previous 1234 Next »