VB Blog

VB2017 preview: Calling all PUA fighters

Posted by   Martijn Grooten on   Aug 31, 2017

We preview the VB2017 Small Talk to be given by AppEsteem's Dennis Batchelder that should help security vendors make decisions about apps whose behaviours sit right on the limits of what is acceptable from a security point of view.

Read more  

VB2017 preview: From insider threat to insider asset: a practical guide

Posted by   Martijn Grooten on   Aug 30, 2017

We preview the VB2017 paper by Forcepoint's Kristin Leary and Richard Ford, who will discuss a practical approach to preventing insider attacks.

Read more  

WireX DDoS botnet takedown shows the best side of the security industry

Posted by   Martijn Grooten on   Aug 29, 2017

Collaboration between a number of security companies has led to the takedown of the WireX Android DDoS botnet. Efforts like these, and the fact that the companies involved all decided to publish the very same blog post, show the best side of the security industry.

Read more  

VB2017 preview: Your role in child abuse

Posted by   Martijn Grooten on   Aug 28, 2017

We preview the VB2017 presentation by Mick Moran, who will discuss online child abuse and the role the security community can play fighting it.

Read more  

ROPEMAKER email exploit is of limited practical use

Posted by   Martijn Grooten on   Aug 28, 2017

Researchers at Mimecast have published a paper about the 'ROPEMAKER' exploit, which allows an email sender with malicious intentions to change the visial appearance of an email after it has been delivered.

Read more  

VB2017 preview: Mariachis and jackpotting: ATM malware from Latin America

Posted by   Martijn Grooten on   Aug 25, 2017

We preview the VB2017 presentation by Kaspersky Lab researchers Thiago Marques and Fabio Assolini in which they look at malware targeting ATMs in Latin America.

Read more  

VB2017 preview: Stuck between a ROC and a hard place

Posted by   Martijn Grooten on   Aug 24, 2017

We preview the VB2017 paper by Microsoft's Holly Stewart and Joe Blackbird, which uses data about users switching anti-virus provider to decide whether machine-learning models should favour avoiding false positives over false negatives.

Read more  

VB2017 preview: Consequences of bad security in health care

Posted by   Martijn Grooten on   Aug 23, 2017

We preview the VB2017 presentation by Jelena Milosevic, an ICU nurse by profession, who will provide the audience with an inside view of security in hospitals.

Read more  

VB2017 Small Talk: The encryption vs. inspection debate

Posted by   Martijn Grooten on   Aug 22, 2017

At VB2017, Cloudflare's Head of Cryptography Nick Sullivan will give a Small Talk on the intercepting of HTTPS connections by proxies and anti-virus software.

Read more  

Throwback Thursday: Ten memorable Virus Bulletin conference presentations - part 2

Posted by   Virus Bulletin on   Aug 10, 2017

In the second part of this two-part blog series, we look at five more memorable Virus Bulletin conference presentations.

Read more  
Previous1...3132333435...215Next

Search blog

Symbian SMS pest highlighted

Mobile exploit attack disables messaging.
Mobile exploit attack disables messaging. A presentation at a popular hacking forum has brought much attention to a flaw in the SMS processing in some versions of the Symbian… https://www.virusbulletin.com/blog/2009/01/symbian-sms-pest-highlighted/

MS to release out-of-band patch for critical IE vulnerability

Users advised to patch ASAP.
Users advised to patch ASAP.Microsoft is set to release an emergency out-of-band patch for the vulnerability in its Internet Explorer browser reported last week. Attacks via the… https://www.virusbulletin.com/blog/2008/12/ms-release-out-band-patch-critical-ie-vulnerability/

IE zero-day danger growing

Large numbers of users vulnerable to unpatched problem.
Large numbers of users vulnerable to unpatched problem. The as-yet unpatched vulnerability in Microsoft's Internet Explorer browser, reported last week and coinciding with the… https://www.virusbulletin.com/blog/2008/12/ie-zero-day-danger-growing/

FTC goes after scareware scammers

Courts crack down on pushers of rogue anti-malware.
Courts crack down on pushers of rogue anti-malware. The US Federal Trade Commission (FTC) has announced a successful move to persuade a US district court to shut down a major… https://www.virusbulletin.com/blog/2008/12/ftc-goes-after-scareware-scammers/

Patch Tuesday released closely followed by emergency update

Bumper crop of patches plus further fix leave known holes open.
Bumper crop of patches plus further fix leave known holes open. This month's 'Patch Tuesday' security bulletin from Microsoft contained eight separate updates, two more than… https://www.virusbulletin.com/blog/2008/12/patch-tuesday-released-closely-followed-emergency-update/

Worm targets MS08-067 vulnerability

Exploit attack patches flaw once system penetrated.
Exploit attack patches flaw once system penetrated. A worm has been seen taking advantage of the vulnerability in Microsoft's Windows Server Service, patched out-of-cycle last… https://www.virusbulletin.com/blog/2008/12/worm-targets-ms08-067-vulnerability/

Two updates in Microsoft's November's patch release

Just two updates released by Microsoft this month: one rated critical, one important.
Just two updates released by Microsoft this month: one rated critical, one important.Microsoft has issued two updates in the November round of its monthly patch release cycle, one… https://www.virusbulletin.com/blog/2008/11/two-updates-microsoft-s-november-s-patch-release/

Microsoft issues emergency patch

Out-of-cycle update fixes serious, wormable flaw.
Out-of-cycle update fixes serious, wormable flaw.Microsoft has issued an emergency update to cover a serious vulnerability in the Windows Server service, breaking its usual monthly… https://www.virusbulletin.com/blog/2008/10/microsoft-issues-emergency-patch/

Vulnerability test raises hackles

Secunia suite trial slates lack of PoC detection, but test methods called into question.
Secunia suite trial slates lack of PoC detection, but test methods called into question. Vulnerability specialist Secunia published the results of a trial of internet security… https://www.virusbulletin.com/blog/2008/10/vulnerability-test-raises-hackles/

Four critical updates this Patch Tuesday

11 updates to be issued by Microsoft in October's monthly patch release: 4 critical.
11 updates to be issued by Microsoft in October's monthly patch release: 4 critical.Microsoft has prepared a total of 11 updates for the October round of its monthly patch release… https://www.virusbulletin.com/blog/2008/10/four-critical-updates-patch-tuesday/

Four critical updates in Patch Tuesday release

Monthly security update small but vital.
Monthly security update small but vital.Microsoft has released its monthly 'Patch Tuesday' batch of security updates, with only four items on the list but all of them marked… https://www.virusbulletin.com/blog/2008/09/four-critical-updates-patch-tuesday-release/

Trend OfficeScan flaws labelled highly critical

Web-delivered products at risk of allowing remote access.
Web-delivered products at risk of allowing remote access. A set of vulnerabilities have been reported in Trend Micro's Officescan product, which have been flagged with the 'Highly… https://www.virusbulletin.com/blog/2008/08/trend-officescan-flaws-labelled-highly-critical/

DNS flaw exploitation danger growing

Slow patchers targeted by sophisticated attacks.
Slow patchers targeted by sophisticated attacks. The serious vulnerability in the implementation of DNS systems has been targeted by malicious attacks, as security watchers have… https://www.virusbulletin.com/blog/2008/08/dns-flaw-exploitation-danger-growing/

Patch Tuesday sees serious DNS flaws fixed

Nothing marked critical, but some very important patches issued.
Nothing marked critical, but some very important patches issued.Microsoft's latest 'Patch Tuesday' round of security updates for once contains no bulletins marked as 'critical',… https://www.virusbulletin.com/blog/2008/07/patch-tuesday-sees-serious-dns-flaws-fixed/

Macs under attack from trojan double whammy

Two new threats in a week spark worries of approaching Mac malware era.
Two new threats in a week spark worries of approaching Mac malware era. Users of Apple Mac systems, who have so far only suffered from minimal attention from malware creators, may… https://www.virusbulletin.com/blog/2008/06/macs-under-attack-trojan-double-whammy/

Microsoft releases latest Patch Tuesday fixes

7 vulnerabilities, 3 critical, addressed in June security update.
7 vulnerabilities, 3 critical, addressed in June security update.Microsoft has issued its monthly 'Patch Tuesday' set of security fixes, with seven separate areas covered of which… https://www.virusbulletin.com/blog/2008/06/microsoft-releases-latest-patch-tuesday-fixes/

Microsoft increases pressure on Apple to fix Safari blended threat

'Carpet bombing' vulnerability more serious than Apple claims, MS warns.
'Carpet bombing' vulnerability more serious than Apple claims, MS warns.Microsoft, whose Internet Explorer has come under frequent criticism for security vulnerabilities, has… https://www.virusbulletin.com/blog/2008/06/microsoft-increases-pressure-apple-fix-safari-blended-threat/

Latest Patch Tuesday update released

Microsoft announces five 'critical' vulnerabilities need fixing.
Microsoft announces five 'critical' vulnerabilities need fixing.Microsoft has issued its monthly 'Patch Tuesday' security bulletin, with five 'critical' and three 'important'… https://www.virusbulletin.com/blog/2008/04/latest-patch-tuesday-update-released/

Latest Patch Tuesday release

March's Patch Tuesday sees four 'critical' updates.
March's Patch Tuesday sees four 'critical' updates.Microsoft has released its monthly 'Patch Tuesday' security bulletin. This month the bulletin features four 'critical' updates,… https://www.virusbulletin.com/blog/2008/03/latest-patch-tuesday-release/

Cisco announces 'Patch Wednesdays'

Cisco set to embark on regular release cycle.
Cisco set to embark on regular release cycle. Following a trend set by Microsoft's monthly 'Patch Tuesdays' and Oracle's quarterly security updates, networking giant Cisco has… https://www.virusbulletin.com/blog/2008/03/cisco-announces-patch-wednesdays/

« Previous 1234567 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.