VB Blog

Malicious CCleaner update points to a major weakness in our infrastructure

Posted by   Martijn Grooten on   Sep 18, 2017

Researchers from Cisco Talos have found that a recent version of the widely used CCleaner tool installed malware on the machine.

Read more  

Despite the profitability of ransomware there is a good reason why mining malware is thriving

Posted by   Virus Bulletin on   Sep 15, 2017

Though ransomware is far more profitable than using a compromised PC to mine bitcoins, the global distribution of malware means that there are many botnets for which mining is the most efficient way to extract money out of a PC.

Read more  

VB2017 preview: Crypton - exposing malware's deepest secrets

Posted by   Martijn Grooten on   Sep 14, 2017

We preview the VB2017 paper by Julia Karpin and Anna Dorfman (F5 networks), in which they present a tool to decrypt encrypted parts of malware.

Read more  

VB2017 preview: Hacktivism and website defacement: motivations, capabilities and potential threats

Posted by   Martijn Grooten on   Sep 13, 2017

We preview the VB2017 paper by Marco Romagna and Niek Jan van den Hout (The Hague University of Applied Sciences), in which they thoroughly analyse the motivations and modus operandy of hacktivists.

Read more  

Three questions to ask about security product bypasses

Posted by   Martijn Grooten on   Sep 13, 2017

Proof-of-concepts for bypasses of security products always sound scary, but how seriously should we take them? VB Editor Martijn Grooten lists three questions one should ask about any such bypass to determine how serious a threat it represents.

Read more  

VB2017: WHOIS and EICAR Small Talks added

Posted by   Martijn Grooten on   Sep 12, 2017

Today, we announce two more 'Small Talks' for the VB2017 programme. In one of them, Neil Schwarzman will discuss the consequences of the GDPR for WHOIS and abuse research, while the other will be hosted by three members of EICAR, who will discuss its work on a trustworthiness strategy and minimum standard.

Read more  

VB2017: nine last-minute papers announced

Posted by   Martijn Grooten on   Sep 11, 2017

From attacks on Ukraine's power grid to web shells, and from car hacking to ransomware: we announce the first nine 'last-minute' papers on the VB2017 programme.

Read more  

Patching is important even when it only shows the maturity of your security process

Posted by   Martijn Grooten on   Sep 5, 2017

A lot of vulnerabilities that are discovered are never exploited in the wild. It is still important to patch them though.

Read more  

Massive data breach confirms what you already knew: you are getting spam

Posted by   Martijn Grooten on   Sep 4, 2017

A security researcher found more than 700 million email addresses stored on a server used by a spam botnet, which gives us some insight into what the email lists used by spammers look like.

Read more  

VB2017 preview: State of cybersecurity in Africa: Kenya

Posted by   Martijn Grooten on   Sep 4, 2017

We preview the VB2017 presentation by Tyrus Kamau (Euclid Security), who will talk about the state of cybersecurity in Africa, with a particular focus on his home country, Kenya.

Read more  
Previous1...3031323334...215Next

Search blog

Is publishing your employees' email addresses such a big deal?

Beware of a false sense of security.
Beware of a false sense of security. Security blogger Graham Cluley points to hypocrisy in a KPMG press release in which it criticises FTSE 350 companies for 'leaking data that can… https://www.virusbulletin.com/blog/2013/07/publishing-your-employees-email-addresses-such-big-deal/

Compromised Yahoo! accounts continue to spread Android malware

Problem likely to be on Yahoo!'s side.
Problem likely to be on Yahoo!'s side. In recent weeks, we have noticed an uptick in the amount of spam sent from compromised Yahoo! accounts; we have reasons to believe the… https://www.virusbulletin.com/blog/2013/06/compromised-yahoo-accounts-continue-spread-android-malware/

Vulnerabilities could trigger payload in emails upon receiving or opening

Flaws in IBM Notes and Exim/Dovecot easy to mitigate.
Flaws in IBM Notes and Exim/Dovecot easy to mitigate. Two recently discovered vulnerabilities in mail processing software could give an attacker access to a targeted system without… https://www.virusbulletin.com/blog/2013/05/vulnerabilities-could-trigger-payload-emails-upon-receiving-or-opening/

Different focus on spam needed

What happens before the filter doesn't matter too much.
What happens before the filter doesn't matter too much. It is surprisingly difficult to get accurate figures for the amount of spam that is sent globally, yet everyone agrees that… https://www.virusbulletin.com/blog/2013/04/different-focus-spam-needed/

Weak cryptography keys allow others to add valid DKIM signatures to fake emails

512-bit key cracked within 72 hours.
512-bit key cracked within 72 hours. A Florida-based mathematician has caused a stir in the email community by adding a valid DKIM signature for google.com to an email after… https://www.virusbulletin.com/blog/2012/10/weak-cryptography-keys-allow-others-add-valid-dkim-signatures-fake-emails/

Cybercriminals offering service flooding email, phone and SMS

DDoS-type attack could seriously disrupt business.
DDoS-type attack could seriously disrupt business. A new service is being offered on underground forums where between 25,000 and 100,000 emails are being sent to an email account… https://www.virusbulletin.com/blog/2012/07/cybercriminals-offering-service-flooding-email-phone-and-sms/

New RFC describes best practices for running DNS-based lists

DNSBL users advised to avoid those lists that charge for delisting.
DNSBL users advised to avoid those lists that charge for delisting. A new RFC document has been published that describes the best operational practices for the use of DNS-based… https://www.virusbulletin.com/blog/2012/01/new-rfc-describes-best-practices-running-dns-based-lists/

New RFC grants DKIM improved status

Email signing method now 'Draft Standard'.
Email signing method now 'Draft Standard'. The Internet Engineering Task Force (IETF) has published a new RFC describing the DKIM protocol which sees its status advance from… https://www.virusbulletin.com/blog/2011/09/new-rfc-grants-dkim-improved-status/

Windows Help Files used in targeted attacks

Files with code-executing properties attached to emails.
Files with code-executing properties attached to emails. Researchers at Symantec have discovered Windows Help Files being used in targeted attacks. Such help files, which use the… https://www.virusbulletin.com/blog/2011/09/windows-help-files-used-targeted-attacks/

Researchers find email used in RSA hack

Email with malicious attachment uploaded to online scanning service
Email with malicious attachment uploaded to online scanning service Researchers at F-Secure have managed to obtain the file used in the targeted attack against security vendor RSA… https://www.virusbulletin.com/blog/2011/08/researchers-find-email-used-rsa-hack/

Hotmail beefs up security with stricter password policy

'My friend has been spammed' button also welcomed by experts.
'My friend has been spammed' button also welcomed by experts.Microsoft's free webmail service Hotmail has introduced some new features which should make it less likely for its… https://www.virusbulletin.com/blog/2011/07/hotmail-beefs-security-stricter-password-policy/

'Job application' contains malicious attachment

$150,000 lost via banking trojan.
$150,000 lost via banking trojan. An unidentified US company has learned the hard way that email attachments - even to those that appear to be solicited - may contain malware. The… https://www.virusbulletin.com/blog/2011/01/job-application-contains-malicious-attachment/

ARF published as IETF standard

Abuse report format helps auto-handling of email complaints
Abuse report format helps auto-handling of email complaints ARF (Abuse Reporting Format) has been approved by the IETF as an Internet standard. ARF is a format used to send… https://www.virusbulletin.com/blog/2010/09/arf-published-ietf-standard/

« Previous 12 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.