VB Blog

What would Cameron's 'anti-terrorism' proposals mean for the UK?

Posted by   Virus Bulletin on   Jan 15, 2015

Proposals could cause serious damage to business and the economy, and are unlikely to stop terrorism.

Read more  

VB2014 paper: Duping the machine - malware strategies, post sandbox detection

Posted by   Virus Bulletin on   Jan 13, 2015

James Wyke looks at malware that takes extra steps to frustrate researchers.

Read more  

Microsoft no longer publishes advance notifications for its Patch Tuesdays

Posted by   Virus Bulletin on   Jan 12, 2015

Company unhappy with Google going full disclosure on privilege escalation vulnerability.

Read more  

VB2014 Paper: Attack surface analysis of Tizen devices

Posted by   Virus Bulletin on   Jan 8, 2015

Irfan Asrar looks at the security of the operating system used in many IoT devices.

Read more  

VB2014 paper: Unveiling the kernel: rootkit discovery using selective automated kernel memory differencing

Posted by   Virus Bulletin on   Jan 6, 2015

Ahmed Zaki and Benjamin Humphrey describe a system they built for the automated detection of rootkit behaviour.

Read more  

New VB100 and VBSpam test results published

Posted by   Virus Bulletin on   Jan 6, 2015

See which anti-malware and anti-spam solutions achieved certification.

Read more  

Virus Bulletin wishes you a great 2015

Posted by   Virus Bulletin on   Jan 5, 2015

See you in Prague - and on the Internet!

Read more  

Conference review: Botconf 2014

Posted by   Virus Bulletin on   Dec 22, 2014

Second edition of 'botnet fighting conference' another great success.

Read more  

Call for Papers: VB2015 Prague

Posted by   Virus Bulletin on   Dec 19, 2014

VB seeks submissions for the 25th Virus Bulletin Conference.

Read more  

Book review: Countdown to Zero Day

Posted by   Virus Bulletin on   Dec 18, 2014

Kim Zetter's book on Stuxnet is a must-read for anyone interested in malware - or in 21st century geopolitics.

Read more  
Previous1...6061626364...215Next

Search blog

Is publishing your employees' email addresses such a big deal?

Beware of a false sense of security.
Beware of a false sense of security. Security blogger Graham Cluley points to hypocrisy in a KPMG press release in which it criticises FTSE 350 companies for 'leaking data that can… https://www.virusbulletin.com/blog/2013/07/publishing-your-employees-email-addresses-such-big-deal/

Compromised Yahoo! accounts continue to spread Android malware

Problem likely to be on Yahoo!'s side.
Problem likely to be on Yahoo!'s side. In recent weeks, we have noticed an uptick in the amount of spam sent from compromised Yahoo! accounts; we have reasons to believe the… https://www.virusbulletin.com/blog/2013/06/compromised-yahoo-accounts-continue-spread-android-malware/

Vulnerabilities could trigger payload in emails upon receiving or opening

Flaws in IBM Notes and Exim/Dovecot easy to mitigate.
Flaws in IBM Notes and Exim/Dovecot easy to mitigate. Two recently discovered vulnerabilities in mail processing software could give an attacker access to a targeted system without… https://www.virusbulletin.com/blog/2013/05/vulnerabilities-could-trigger-payload-emails-upon-receiving-or-opening/

Different focus on spam needed

What happens before the filter doesn't matter too much.
What happens before the filter doesn't matter too much. It is surprisingly difficult to get accurate figures for the amount of spam that is sent globally, yet everyone agrees that… https://www.virusbulletin.com/blog/2013/04/different-focus-spam-needed/

Weak cryptography keys allow others to add valid DKIM signatures to fake emails

512-bit key cracked within 72 hours.
512-bit key cracked within 72 hours. A Florida-based mathematician has caused a stir in the email community by adding a valid DKIM signature for google.com to an email after… https://www.virusbulletin.com/blog/2012/10/weak-cryptography-keys-allow-others-add-valid-dkim-signatures-fake-emails/

Cybercriminals offering service flooding email, phone and SMS

DDoS-type attack could seriously disrupt business.
DDoS-type attack could seriously disrupt business. A new service is being offered on underground forums where between 25,000 and 100,000 emails are being sent to an email account… https://www.virusbulletin.com/blog/2012/07/cybercriminals-offering-service-flooding-email-phone-and-sms/

New RFC describes best practices for running DNS-based lists

DNSBL users advised to avoid those lists that charge for delisting.
DNSBL users advised to avoid those lists that charge for delisting. A new RFC document has been published that describes the best operational practices for the use of DNS-based… https://www.virusbulletin.com/blog/2012/01/new-rfc-describes-best-practices-running-dns-based-lists/

New RFC grants DKIM improved status

Email signing method now 'Draft Standard'.
Email signing method now 'Draft Standard'. The Internet Engineering Task Force (IETF) has published a new RFC describing the DKIM protocol which sees its status advance from… https://www.virusbulletin.com/blog/2011/09/new-rfc-grants-dkim-improved-status/

Windows Help Files used in targeted attacks

Files with code-executing properties attached to emails.
Files with code-executing properties attached to emails. Researchers at Symantec have discovered Windows Help Files being used in targeted attacks. Such help files, which use the… https://www.virusbulletin.com/blog/2011/09/windows-help-files-used-targeted-attacks/

Researchers find email used in RSA hack

Email with malicious attachment uploaded to online scanning service
Email with malicious attachment uploaded to online scanning service Researchers at F-Secure have managed to obtain the file used in the targeted attack against security vendor RSA… https://www.virusbulletin.com/blog/2011/08/researchers-find-email-used-rsa-hack/

Hotmail beefs up security with stricter password policy

'My friend has been spammed' button also welcomed by experts.
'My friend has been spammed' button also welcomed by experts.Microsoft's free webmail service Hotmail has introduced some new features which should make it less likely for its… https://www.virusbulletin.com/blog/2011/07/hotmail-beefs-security-stricter-password-policy/

'Job application' contains malicious attachment

$150,000 lost via banking trojan.
$150,000 lost via banking trojan. An unidentified US company has learned the hard way that email attachments - even to those that appear to be solicited - may contain malware. The… https://www.virusbulletin.com/blog/2011/01/job-application-contains-malicious-attachment/

ARF published as IETF standard

Abuse report format helps auto-handling of email complaints
Abuse report format helps auto-handling of email complaints ARF (Abuse Reporting Format) has been approved by the IETF as an Internet standard. ARF is a format used to send… https://www.virusbulletin.com/blog/2010/09/arf-published-ietf-standard/

« Previous 12 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.