VB Blog

Tizi Android malware highlights the importance of security patches for high-risk users

Posted by Martijn Grooten on Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Posted by Martijn Grooten on Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Posted by Martijn Grooten on Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Posted by Martijn Grooten on Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Posted by Martijn Grooten on Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Posted by Martijn Grooten on Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Posted by Martijn Grooten on Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Posted by Martijn Grooten on Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Posted by Martijn Grooten on Nov 8, 2017

At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.

Previous1...2728293031...215Next

Search blog

Microsoft alert on Excel vulnerability

Targeted exploitation of zero-day flaw seen in wild.
Targeted exploitation of zero-day flaw seen in wild.Microsoft has issued a security advisory on an unresolved vulnerability in its Excel software, which has been reported as a… https://www.virusbulletin.com/blog/2008/01/microsoft-alert-excel-vulnerability/

Four IE bugs fixed by Patch Tuesday release

Seven updates, three critical in monthly security update.
Seven updates, three critical in monthly security update.Microsoft has released its monthly 'Patch Tuesday' security bulletin, featuring seven updates of which three are marked… https://www.virusbulletin.com/blog/2007/12/four-ie-bugs-fixed-patch-tuesday-release/

Five-year-old design flaw found in all Windows versions

Microsoft engineers spend Thanksgiving holidays writing patch.
Microsoft engineers spend Thanksgiving holidays writing patch. During the Kiwicon conference earlier this month, ethical hacker Beau Butler from New Zealand disclosed a design flaw… https://www.virusbulletin.com/blog/2007/11/five-year-old-design-flaw-found-all-windows-versions/

Two fixes released on lightweight Patch Tuesday

Monthly security update covers just couple of dangers.
Monthly security update covers just couple of dangers.Microsoft has released its monthly 'Patch Tuesday' security bulletin, with only two patches issued, one rated 'Important' and… https://www.virusbulletin.com/blog/2007/11/two-fixes-released-lightweight-patch-tuesday/

Microsoft unveils January-June threat report

Security analysis shows rise in vulnerabilities, trojans and scamware.
Security analysis shows rise in vulnerabilities, trojans and scamware.Microsoft has released its latest 'Security Intelligence Report', covering the first half of 2007, showing a… https://www.virusbulletin.com/blog/2007/10/microsoft-unveils-january-june-threat-report/

4 out of 5 critical issues fixed on Patch Tuesday

Expected patch omitted from monthly security update.
Expected patch omitted from monthly security update.Microsoft has announced the contents of its monthly 'Patch Tuesday' security update release, with four 'Critical' and two… https://www.virusbulletin.com/blog/2007/10/4-out-5-critical-issues-fixed-patch-tuesday/

Microsoft files further adware patent

User behaviour monitors could be used to target ads.
User behaviour monitors could be used to target ads. Following a patent application disclosed some months ago, details have been released of another adware scheme patented by… https://www.virusbulletin.com/blog/2007/09/microsoft-files-further-adware-patent/

Quiet Patch Tuesday

Four flaws fixed in minimal security update.
Four flaws fixed in minimal security update.Microsoft's monthly 'Patch Tuesday' release of security updates for Windows and other software has been fairly quiet this month - with… https://www.virusbulletin.com/blog/2007/09/quiet-patch-tuesday/

MS gaining fast in AV-Comparatives tests

Detection rates up 7% in six months, more improvement predicted.
Detection rates up 7% in six months, more improvement predicted.AV-Comparatives have released the results of their latest test of detection rates, pitting 17 scanners already known… https://www.virusbulletin.com/blog/2007/09/ms-gaining-fast-av-comparatives-tests/

AVK tops latest AV-Test charts

Top four beat 99% in large collection scan.
Top four beat 99% in large collection scan. Testers at AV-Test.org have run 29 products over a massive collection of malware samples, with detection rates measured against 874,822… https://www.virusbulletin.com/blog/2007/08/avk-tops-latest-av-test-charts/

14 flaws fixed in bumper Patch Tuesday

Critical remote execution and hijack holes closed.
Critical remote execution and hijack holes closed.Microsoft's monthly 'Patch Tuesday' security bulletin includes nine separate bulletins this month, covering a total of 14… https://www.virusbulletin.com/blog/2007/08/14-flaws-fixed-bumper-patch-tuesday/

Microsoft files adware system patent

Ads could be targeted at users based on local system data.
Ads could be targeted at users based on local system data.Microsoft has filed a patent application for a new method of targeting advertising, using information on the contents of a… https://www.virusbulletin.com/blog/2007/07/microsoft-files-adware-system-patent/

Microsoft opens security 'portal'

New site carries prevalence data, updates and malware resources.
New site carries prevalence data, updates and malware resources. Security teams at Microsoft have been busy this week, with the full unveiling of the Microsoft Malware Protection… https://www.virusbulletin.com/blog/2007/07/microsoft-opens-security-portal/

Controversy over IE-to-Firefox exploit

MS and Mozilla in row over blame for cross-browser attack.
MS and Mozilla in row over blame for cross-browser attack. An exploit which involves browsing to a malicious website using Internet Explorer, but then launches an attack via a… https://www.virusbulletin.com/blog/2007/07/controversy-over-ie-firefox-exploit/

7 flaws fixed in July Patch Tuesday release

Critical patches issued for Excel, Active Directory and .NET.
Critical patches issued for Excel, Active Directory and .NET.Microsoft has released a total of seven patches in its monthly 'Patch Tuesday' security update, with three of the… https://www.virusbulletin.com/blog/2007/07/7-flaws-fixed-july-patch-tuesday-release/

Fake updates and phony postcards carry malware

Microsoft patch and greetings card spams bring more trojans.
Microsoft patch and greetings card spams bring more trojans. Several spam runs posing as vulnerability alerts from Microsoft have been spotted in the last week, with links to… https://www.virusbulletin.com/blog/2007/07/fake-updates-and-phony-postcards-carry-malware/

4 critical flaws patched this Patch Tuesday

Microsoft's June Security Bulletin covers range of vulnerabilities.
Microsoft's June Security Bulletin covers range of vulnerabilities.Microsoft's latest 'Patch Tuesday' security bulletin, released yesterday, includes fixes for six vulnerabilities,… https://www.virusbulletin.com/blog/2007/06/4-critical-flaws-patched-patch-tuesday/

Microsoft details 'Stirling' integrated suite

Comprehensive security product promised in next-gen Forefront.
Comprehensive security product promised in next-gen Forefront.Microsoft, whose Forefront corporate anti-malware system is the latest step in a continuing onslaught on the security… https://www.virusbulletin.com/blog/2007/06/microsoft-details-stirling-integrated-suite/

7 critical flaws patched on Patch Tuesday

May Security Bulletin covers wide range of vulnerabilities.
May Security Bulletin covers wide range of vulnerabilities.Microsoft's latest 'Patch Tuesday' security bulletin included fixes for seven vulnerabilities, all rated 'Critical' and… https://www.virusbulletin.com/blog/2007/05/7-critical-flaws-patched-patch-tuesday/

Microsoft to beat Symantec to corporate release punch

With Forefront due out soon, Symantec's latest release suffers further delay.
With Forefront due out soon, Symantec's latest release suffers further delay.Microsoft has announced the release to manufacture of Forefront Client, the corporate implementation of… https://www.virusbulletin.com/blog/2007/05/microsoft-beat-symantec-corporate-release-punch/

« Previous 1234 Next »