VB Blog

School without thought - your thoughts

Posted by   Virus Bulletin on   Jun 30, 2003

Your thoughts on the University of Calgary's proposals to teach virus writing in its course on computer viruses and malware.

Read more  

Microsoft buys into AV

Posted by   Virus Bulletin on   Jun 10, 2003

Microsoft announces acquisition of anti-virus technology.

Read more  

School without thought

Posted by   Virus Bulletin on   Jun 1, 2003

University course teaches students to write malware.

Read more  

Military intelligence

Posted by   Virus Bulletin on   Apr 10, 2003

US Army gets serious about anti-virus.

Read more  

Same old, same old

Posted by   Virus Bulletin on   Apr 2, 2003

Virus writers plead stupidity...

Read more  

Security in the classroom

Posted by   Virus Bulletin on   Apr 1, 2003

Microsoft supporting secure code initiative at University of Leeds

Read more  

Lighter sentences for virus writers?

Posted by   Virus Bulletin on   Mar 3, 2003

A US report claims that sentences for computer-related crimes are too harsh.

Read more  

Anti-virus for Lindows

Posted by   Virus Bulletin on   Feb 20, 2003

Lindows teams up with Central Command to sell Linux anti-virus - a step in the right direction, but perhaps not far enough...

Read more  

Symantec press release backfires

Posted by   Virus Bulletin on   Feb 17, 2003

Watch out for your marketing department...

Read more  

VB2003 programme announced

Posted by   Virus Bulletin on   Feb 5, 2003

Details of the VB2003 conference programme announced ...

Read more  
Previous1...209210211212213214215Next

Search blog

VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

Trickbot, a banking trojan which appeared this year, seems to be a new, more modular, and more extensible malware descendant of the notorious Dyre botnet trojan. At VB2017, Symantec researcher Andrew Brandt presented a walkthrough of a typical Trickbot in…
Trickbot, first reported a year ago by Malwarebytes researcher Jérôme Segura as the successor of Dyre/Dyreza, has become perhaps the most important banking trojan of 2017. It is… https://www.virusbulletin.com/blog/2017/11/vb2017-video-turning-trickbot-decoding-encrypted-command-and-control-channel/

Patching is important even when it only shows the maturity of your security process

A lot of vulnerabilities that are discovered are never exploited in the wild. It is still important to patch them though.
Sometimes a Tweet says more than a 50-minute conference presentation: Bad TLS as an externally measurable metric for whether an organisation has a mature security process,… https://www.virusbulletin.com/blog/2017/09/patching-important-even-when-it-only-shows-maturity-your-security-process/

Research paper shows it may be possible to distinguish malware traffic using TLS

Researchers at Cisco have published a paper describing how it may be possible to use machine learning to distinguish malware command-and-control traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C…
Researchers at Cisco have published a paper (PDF) describing how it may be possible to use machine learning to distinguish malware command-and-control (C&C) traffic using TLS from… https://www.virusbulletin.com/blog/2017/06/research-paper-shows-it-may-be-possible-distinguish-malware-traffic-using-tls/

Weak keys and prime reuse make Diffie-Hellman implementations vulnerable

'Logjam' attack possibly used by the NSA to decrypt VPN traffic.
'Logjam' attack possibly used by the NSA to decrypt VPN traffic. A group of researchers have discovered a number of vulnerabilities in the way the Diffie-Hellman key exchange… https://www.virusbulletin.com/blog/2015/05/weak-keys-and-prime-reuse-make-diffie-hellman-implementations-vulnerable/

POODLE is the brown M&Ms of security

Just because it won't be exploited, doesn't mean you shouldn't patch it.
Just because it won't be exploited, doesn't mean you shouldn't patch it. There is a famous story about the rock band Van Halen whose lists of requirements when performing a show… https://www.virusbulletin.com/blog/2015/04/poodle-brown-m-amp-ms-security/

FREAK attack takes HTTPS connections back to 1990s security

Golden keys from the (first) crypto wars have come back to haunt us.
Golden keys from the (first) crypto wars have come back to haunt us. When a web client makes a secure connection to a web server (using HTTPS), it starts by sending a 'Hello'… https://www.virusbulletin.com/blog/2015/03/freak-attack-takes-https-connections-back-1990s-security/

Book review: Bulletproof SSL and TLS

Must-read for anyone working with one of the Internet's most important protocols.
Must-read for anyone working with one of the Internet's most important protocols. I was reading Ivan Ristić's book Bulletproof SSL and TLS when rumours started to appear about an… https://www.virusbulletin.com/blog/2014/11/book-review-bulletproof-ssl-and-tls/

1 in 500 secure connections use forged certificate

For reasons ranging from relatively good, to actual malware.
For reasons ranging from relatively good, to actual malware. Researchers from Facebook and Carnegie Mellon University have published a paper (PDF) in which they show that out of a… https://www.virusbulletin.com/blog/2014/05/1-500-secure-connections-use-forged-certificate/

OpenSSL vulnerability lets attackers quietly steal servers' private keys

Security firm advises regenerating keys and replacing certificates on vulnerable servers.
Security firm advises regenerating keys and replacing certificates on vulnerable servers. A very serious vulnerability in OpenSSL has caused panic among network administrators:… https://www.virusbulletin.com/blog/2014/04/openssl-vulnerability-lets-attackers-quietly-steal-servers-private-keys/

41% of spam sent via Rustock botnet

Botnet spam back after short summer break.
Botnet spam back after short summer break. In its latest intelligence report, security firm MessageLabs reports that 41% of all spam is being sent through the Rustock botnet, an… https://www.virusbulletin.com/blog/2010/08/41-spam-sent-rustock-botnet/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.