VB Blog

VB2021 localhost call for papers: a great opportunity

Posted by Virus Bulletin on Mar 17, 2021

VB2021 localhost presents an exciting opportunity to share your research with an even wider cross section of the IT security community around the world than usual, without having to take time out of your work schedule (or budget) to travel.

Posted by Virus Bulletin on Mar 2, 2021

In a follow-up to an article published last week, Kurt Natvig takes us through the analysis of a new malicious sample using the .xlsb file format.

Posted by Virus Bulletin on Feb 23, 2021

In a new article, researcher Kurt Natvig takes a close look at XF 4.0 malware.

Posted by Virus Bulletin on Jan 29, 2021

At VB2019, CSIS researcher Benoît Ancel spoke about a quiet banking trojan actor that has been targeting German users since at least 2014.

Posted by Virus Bulletin on Jan 19, 2021

The call for papers for VB2021 is now open and we want to hear from you - we're planning for flexible presentation formats, so everyone is encouraged to submit, regardless of whether or not you know at this stage whether you'll be able to travel to Prague!

Posted by Virus Bulletin on Jan 11, 2021

We were very sorry to learn of the passing of researcher Yonathan Klijnsma last week. Here, former VB Editor Martijn Grooten shares his memories of a talented researcher and a very kind person: this month, infosec lost a really good one.

Posted by Virus Bulletin on Jan 8, 2021

VB has made all VB2020 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

Posted by Virus Bulletin on Dec 8, 2020

At VB2020 localhost, threat intelligence consultant Jamie Collier used the analytical technique of backcasting to look at the rise and fall of the cyber threat intelligence industry.

Posted by Virus Bulletin on Dec 4, 2020

At VB2020 localhost, Carbon Black's Scott Knight presented an approach he and his colleagues have taken to more realistically simulate malware attacks.

Posted by Virus Bulletin on Dec 2, 2020

At VB2020, researcher Paul Litvak revealed how he put together a comprehensive map of threat actor use of open-source offensive security tools.

Previous1234567...215Next

Search blog

Recently discovered Java vulnerability being added to exploit kit

Kit 'patched' to include latest exploit; users urged to patch their software too.
Kit 'patched' to include latest exploit; users urged to patch their software too. Security researcher and journalist Brian Krebs has found evidence that a recently discovered… https://www.virusbulletin.com/blog/2011/11/recently-discovered-java-vulnerability-being-added-exploit-kit/

Adobe releases emergency update for Flash Player

Zero-day exploit actively being abused.
Zero-day exploit actively being abused.Adobe has announced it will release an update for its Flash Player on Friday 15 April, fixing a vulnerability that is currently being… https://www.virusbulletin.com/blog/2011/04/adobe-releases-emergency-update-flash-player/

Hefty Patch Tuesday bulletin rounds off bumper year

No sign of an end to vulnerability glut.
No sign of an end to vulnerability glut.Microsoft released its monthly Patch Tuesday security bulletin yesterday, with details of a hefty 17 alerts covering 40 separate… https://www.virusbulletin.com/blog/2010/12/hefty-patch-tuesday-bulletin-rounds-bumper-year/

Security fixes from Apple and Microsoft

100 security fixes in latest OS X update; three MS security updates in this month's patch release.
100 security fixes in latest OS X update; three MS security updates in this month's patch release. The latest release of Mac operating system OS X (Mac OS X v10.6.5) contains over… https://www.virusbulletin.com/blog/2010/11/security-fixes-apple-and-microsoft/

Giant patch release from Microsoft, Oracle

Record Patch Tuesday combines with swathe of extra fixes for corporates.
Record Patch Tuesday combines with swathe of extra fixes for corporates. It's a busy week for corporate admins as Microsoft's monthly Patch Tuesday security bulletin, containing a… https://www.virusbulletin.com/blog/2010/10/giant-patch-release-microsoft-oracle/

Microsoft releases new fix for DLL vulnerability

Earlier workaround believed to be too complex for most users.
Earlier workaround believed to be too complex for most users. A week after Microsoft released a fix for a DLL vulnerability that affected a large number of programs running on its… https://www.virusbulletin.com/blog/2010/09/microsoft-releases-new-fix-dll-vulnerability/

Extra-large crop of updates for Patch Tuesday

Fourteen security alerts from Microsoft join two from Adobe.
Fourteen security alerts from Microsoft join two from Adobe.Microsoft's monthly Patch Tuesday security bulletins came out this week, featuring a chunky 14 separate alerts with many… https://www.virusbulletin.com/blog/2010/08/extra-large-crop-updates-patch-tuesday/

Android SMS trojan goes wild

Premium-rate text scam shows growing cracks in smart phone security.
Premium-rate text scam shows growing cracks in smart phone security. The first known SMS trojan affecting smart phones running Google's Android operating system has been observed… https://www.virusbulletin.com/blog/2010/08/android-sms-trojan-goes-wild/

Patches come thick and fast in major update spree

Monthly and out-of-band issues flood admins' to-do lists.
Monthly and out-of-band issues flood admins' to-do lists. The release of this month's Patch Tuesday security bulletins from Microsoft, with a fairly average 10 alerts covering 34… https://www.virusbulletin.com/blog/2010/06/patches-come-thick-and-fast-major-update-spree/

Patch Tuesday release includes 13 bulletins

26 vulnerabilities featured in sizeable update set.
26 vulnerabilities featured in sizeable update set. After a relatively quiet January, administrators are faced with a hefty workload this week as Microsoft's monthly Patch Tuesday… https://www.virusbulletin.com/blog/2010/02/patch-tuesday-release-includes-13-bulletins/

IE zero-day bug fixed in Patch Tuesday updates

Serious browser bug main feature of monthly alerts, Adobe Flash issue also patched.
Serious browser bug main feature of monthly alerts, Adobe Flash issue also patched.Microsoft has released the December Patch Tuesday security bulletin, with a total of six alerts.… https://www.virusbulletin.com/blog/2009/12/ie-zero-day-bug-fixed-patch-tuesday-updates/

Bumper crop of October patch releases

Busy weeks for admins as Patch Tuesday joined by Adobe fixes, and Mozilla announces plug-in checking plans.
Busy weeks for admins as Patch Tuesday joined by Adobe fixes, and Mozilla announces plug-in checking plans. This week has seen Microsoft's monthly Patch Tuesday release of security… https://www.virusbulletin.com/blog/2009/10/bumper-crop-october-patch-releases/

Patch Tuesday brings little relief from browser exploits

Six fixes issued, but new IE zero day emerges along with Firefox flaw.
Six fixes issued, but new IE zero day emerges along with Firefox flaw.Microsoft has issued its monthly 'Patch Tuesday' security update, with some serious browser flaws patched, but… https://www.virusbulletin.com/blog/2009/07/patch-tuesday-brings-little-relief-browser-exploits/

Another IE zero day exploited

Second DirectShow vulnerability in six weeks labelled 'extremely critical'.
Second DirectShow vulnerability in six weeks labelled 'extremely critical'.Microsoft has issued an advisory on a serious vulnerability in an ActiveX control in its Internet… https://www.virusbulletin.com/blog/2009/07/another-ie-zero-day-exploited/

Gumblar compromise growth continues

Dominant web threat infecting still more vulnerable sites.
Dominant web threat infecting still more vulnerable sites. A major web compromise, estimated by some to represent over 40% of infected web pages last week, has continued growing in… https://www.virusbulletin.com/blog/2009/05/gumblar-compromise-growth-continues/

Security holes trouble vendors

Vulnerabilities fixed in McAfee website and Google Chrome; patch expected for Adobe Reader.
Vulnerabilities fixed in McAfee website and Google Chrome; patch expected for Adobe Reader. A range of vulnerabilities have been causing headaches recently for companies… https://www.virusbulletin.com/blog/2009/05/security-holes-trouble-vendors/

Eight fixes for April Patch Tuesday release

Five critical updates in latest monthly patch release.
Five critical updates in latest monthly patch release. The April Patch Tuesday release from Microsoft, revealed this week, contained five updates rated 'critical', as well as two… https://www.virusbulletin.com/blog/2009/04/eight-fixes-april-patch-tuesday-release/

March Patch Tuesday followed by PDF viewer patches

Major kernel issue and PDF problems fixed, spreadsheet software remains vulnerable.
Major kernel issue and PDF problems fixed, spreadsheet software remains vulnerable.Microsoft released the March security bulletin this week, with the monthly Patch Tuesday updates… https://www.virusbulletin.com/blog/2009/03/march-patch-tuesday-followed-pdf-viewer-patches/

IE fixed as usual in Patch Tuesday release

Browser should be treated as special case, say some.
Browser should be treated as special case, say some. The February 'Patch Tuesday' security bulletin from Microsoft this week contained four patches, two of them marked 'Critical',… https://www.virusbulletin.com/blog/2009/02/ie-fixed-usual-patch-tuesday-release/

Kaspersky website suffers SQL vulnerability

Hackers gain access to tables, no user data stolen.
Hackers gain access to tables, no user data stolen. A security flaw in a local website of security firm Kaspersky Lab was spotted by hackers over the weekend, with an SQL infection… https://www.virusbulletin.com/blog/2009/02/kaspersky-website-suffers-sql-vulnerability/

« Previous 1234567 Next »