VB Blog

Avast to present technical details of CCleaner hack at VB2017

Posted by Martijn Grooten on Oct 2, 2017

The recently discovered malicious CCleaner version has become one of the biggest security stories of 2017. Two researchers from Avast, the company that had recently acquired CCleaner developer Piriform, will share the results of their investigations at VB2017 in Madrid this week.

Posted by Martijn Grooten on Oct 2, 2017

We preview the VB2017 paper by Kaspersky Lab researchers Juan Andrés Guerrero-Saade and Costin Raiu on fourth-party collection and its implications for attack attribution.

Posted by Martijn Grooten on Sep 29, 2017

We preview Patrick Wardle's VB2017 paper, in which the Synack researcher analyses the mysterious OSX/FruitFly malware by setting up a custom C&C server.

Posted by Martijn Grooten on Sep 28, 2017

More than 50 security industry experts will present conference papers to their peers at VB2017 next week, and there are several papers on the programme with a certain newsworthiness. There is still time for cybersecurity journalists to apply for a press pass.

Posted by Martijn Grooten on Sep 25, 2017

We preview the VB2017 paper by Dhia Mahjoub (OpenDNS) and Jason Passwaters (Intel471) who combine an actor-centric and a network-centric approach to analysing bulletproof hosting operations.

Posted by Martijn Grooten on Sep 22, 2017

As has become tradition, VB2017 will once again see a security industry table football tournament. Register your team now for some great fun and adrenaline-filled matches in between sessions in Madrid!

Posted by Martijn Grooten on Sep 21, 2017

Greater Manchester Police is one of many organizations still running Windows XP on some of its systems. This is bad practice, but the case against running XP is far more subtle than we often pretend it is.

Posted by Martijn Grooten on Sep 21, 2017

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.

Posted by Virus Bulletin on Sep 20, 2017

Activity monitoring by security products in general, and HTTPS traffic inspection in particular, are sensitive issues in the security community. There is a time and a place for them, VB's Martijn Grooten argues, but only when they are done right.

Posted by Martijn Grooten on Sep 19, 2017

We preview the VB2017 paper by Fortinet researcher Axelle Apvrille, in which she looks at some less obvious tools for reverse engineering Android malware.

Previous1...2930313233...215Next

Search blog

Microsoft alert on Excel vulnerability

Targeted exploitation of zero-day flaw seen in wild.
Targeted exploitation of zero-day flaw seen in wild.Microsoft has issued a security advisory on an unresolved vulnerability in its Excel software, which has been reported as a… https://www.virusbulletin.com/blog/2008/01/microsoft-alert-excel-vulnerability/

Four IE bugs fixed by Patch Tuesday release

Seven updates, three critical in monthly security update.
Seven updates, three critical in monthly security update.Microsoft has released its monthly 'Patch Tuesday' security bulletin, featuring seven updates of which three are marked… https://www.virusbulletin.com/blog/2007/12/four-ie-bugs-fixed-patch-tuesday-release/

Five-year-old design flaw found in all Windows versions

Microsoft engineers spend Thanksgiving holidays writing patch.
Microsoft engineers spend Thanksgiving holidays writing patch. During the Kiwicon conference earlier this month, ethical hacker Beau Butler from New Zealand disclosed a design flaw… https://www.virusbulletin.com/blog/2007/11/five-year-old-design-flaw-found-all-windows-versions/

Two fixes released on lightweight Patch Tuesday

Monthly security update covers just couple of dangers.
Monthly security update covers just couple of dangers.Microsoft has released its monthly 'Patch Tuesday' security bulletin, with only two patches issued, one rated 'Important' and… https://www.virusbulletin.com/blog/2007/11/two-fixes-released-lightweight-patch-tuesday/

Microsoft unveils January-June threat report

Security analysis shows rise in vulnerabilities, trojans and scamware.
Security analysis shows rise in vulnerabilities, trojans and scamware.Microsoft has released its latest 'Security Intelligence Report', covering the first half of 2007, showing a… https://www.virusbulletin.com/blog/2007/10/microsoft-unveils-january-june-threat-report/

4 out of 5 critical issues fixed on Patch Tuesday

Expected patch omitted from monthly security update.
Expected patch omitted from monthly security update.Microsoft has announced the contents of its monthly 'Patch Tuesday' security update release, with four 'Critical' and two… https://www.virusbulletin.com/blog/2007/10/4-out-5-critical-issues-fixed-patch-tuesday/

Microsoft files further adware patent

User behaviour monitors could be used to target ads.
User behaviour monitors could be used to target ads. Following a patent application disclosed some months ago, details have been released of another adware scheme patented by… https://www.virusbulletin.com/blog/2007/09/microsoft-files-further-adware-patent/

Quiet Patch Tuesday

Four flaws fixed in minimal security update.
Four flaws fixed in minimal security update.Microsoft's monthly 'Patch Tuesday' release of security updates for Windows and other software has been fairly quiet this month - with… https://www.virusbulletin.com/blog/2007/09/quiet-patch-tuesday/

MS gaining fast in AV-Comparatives tests

Detection rates up 7% in six months, more improvement predicted.
Detection rates up 7% in six months, more improvement predicted.AV-Comparatives have released the results of their latest test of detection rates, pitting 17 scanners already known… https://www.virusbulletin.com/blog/2007/09/ms-gaining-fast-av-comparatives-tests/

AVK tops latest AV-Test charts

Top four beat 99% in large collection scan.
Top four beat 99% in large collection scan. Testers at AV-Test.org have run 29 products over a massive collection of malware samples, with detection rates measured against 874,822… https://www.virusbulletin.com/blog/2007/08/avk-tops-latest-av-test-charts/

14 flaws fixed in bumper Patch Tuesday

Critical remote execution and hijack holes closed.
Critical remote execution and hijack holes closed.Microsoft's monthly 'Patch Tuesday' security bulletin includes nine separate bulletins this month, covering a total of 14… https://www.virusbulletin.com/blog/2007/08/14-flaws-fixed-bumper-patch-tuesday/

Microsoft files adware system patent

Ads could be targeted at users based on local system data.
Ads could be targeted at users based on local system data.Microsoft has filed a patent application for a new method of targeting advertising, using information on the contents of a… https://www.virusbulletin.com/blog/2007/07/microsoft-files-adware-system-patent/

Microsoft opens security 'portal'

New site carries prevalence data, updates and malware resources.
New site carries prevalence data, updates and malware resources. Security teams at Microsoft have been busy this week, with the full unveiling of the Microsoft Malware Protection… https://www.virusbulletin.com/blog/2007/07/microsoft-opens-security-portal/

7 flaws fixed in July Patch Tuesday release

Critical patches issued for Excel, Active Directory and .NET.
Critical patches issued for Excel, Active Directory and .NET.Microsoft has released a total of seven patches in its monthly 'Patch Tuesday' security update, with three of the… https://www.virusbulletin.com/blog/2007/07/7-flaws-fixed-july-patch-tuesday-release/

Controversy over IE-to-Firefox exploit

MS and Mozilla in row over blame for cross-browser attack.
MS and Mozilla in row over blame for cross-browser attack. An exploit which involves browsing to a malicious website using Internet Explorer, but then launches an attack via a… https://www.virusbulletin.com/blog/2007/07/controversy-over-ie-firefox-exploit/

Fake updates and phony postcards carry malware

Microsoft patch and greetings card spams bring more trojans.
Microsoft patch and greetings card spams bring more trojans. Several spam runs posing as vulnerability alerts from Microsoft have been spotted in the last week, with links to… https://www.virusbulletin.com/blog/2007/07/fake-updates-and-phony-postcards-carry-malware/

4 critical flaws patched this Patch Tuesday

Microsoft's June Security Bulletin covers range of vulnerabilities.
Microsoft's June Security Bulletin covers range of vulnerabilities.Microsoft's latest 'Patch Tuesday' security bulletin, released yesterday, includes fixes for six vulnerabilities,… https://www.virusbulletin.com/blog/2007/06/4-critical-flaws-patched-patch-tuesday/

Microsoft details 'Stirling' integrated suite

Comprehensive security product promised in next-gen Forefront.
Comprehensive security product promised in next-gen Forefront.Microsoft, whose Forefront corporate anti-malware system is the latest step in a continuing onslaught on the security… https://www.virusbulletin.com/blog/2007/06/microsoft-details-stirling-integrated-suite/

7 critical flaws patched on Patch Tuesday

May Security Bulletin covers wide range of vulnerabilities.
May Security Bulletin covers wide range of vulnerabilities.Microsoft's latest 'Patch Tuesday' security bulletin included fixes for seven vulnerabilities, all rated 'Critical' and… https://www.virusbulletin.com/blog/2007/05/7-critical-flaws-patched-patch-tuesday/

Microsoft to beat Symantec to corporate release punch

With Forefront due out soon, Symantec's latest release suffers further delay.
With Forefront due out soon, Symantec's latest release suffers further delay.Microsoft has announced the release to manufacture of Forefront Client, the corporate implementation of… https://www.virusbulletin.com/blog/2007/05/microsoft-beat-symantec-corporate-release-punch/

« Previous 1234 Next »