VB Blog

WordPress users urged to manually update to fix bug that prevents automatic updating

Posted by Martijn Grooten on Feb 8, 2018

Users of the popular WordPress content management system are urged to manually update their installation to version 4.9.4, as a bug in the previous version broke the ability to automatically install updates.

Posted by Martijn Grooten on Feb 7, 2018

The Andromeda botnet (aka Gamarue or Wauchos) has plagued Internet users for more than half a decade but, following a takedown effort and the arrest of the suspected botnet owner in December 2017, it is likely we have seen the end of it. In a new paper by Fortinet researchers Bahare Sabouri and He Xu, we look back at the evolution of Andromeda from version 2.06 to 2.10 and demonstrate both how it improved its loader to evade automatic analysis/detection and how the payload varied among the different versions.

Posted by Martijn Grooten on Feb 2, 2018

Reports of malware using the Meltdown or Spectre attacks are likely based on proof-of-concept code rather than files written for a malicious purpose.

Posted by Martijn Grooten on Feb 1, 2018

This Throwback Thursday, we republish the VB2012 paper by Microsoft researcher Amir Fouda, one of the earliest papers to look at malware targeting Bitcoin.

Posted by Martijn Grooten on Jan 31, 2018

We especially encourage those less experienced in speaking in public to submit to the call for papers for VB2018, where we aim to provide a friendly and welcoming environment in which people can both present their own research and learn from what others have been working on.

Posted by Martijn Grooten on Jan 25, 2018

At VB2017 in Madrid, security researcher Randy Abrams presented an overview of the VirusTotal service and then went on to bust several of the persistent myths that surround it. Today we publish both Randy's paper and the recording of his presentation.

Posted by Martijn Grooten on Jan 24, 2018

A new computer emergency response team has been launched in the Netherlands to provide guidance specifically tailored to the healthcare sector. Martijn Grooten welcomes the development.

Posted by Martijn Grooten on Jan 23, 2018

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2018 is now open and we want to hear from you!

Posted by Martijn Grooten on Jan 22, 2018

VB Editor Martijn Grooten recommends Jean-Philippe Aumasson's 'Serious Cryptography' as a very solid but practically focused introduction to cryptography.

Posted by Martijn Grooten on Jan 16, 2018

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Previous1...2425262728...215Next

Search blog

'Olympic' emails contain malicious XLS attachments

Malware writers sprint to use vulnerabilities before next Patch Tuesday.
Malware writers sprint to use vulnerabilities before next Patch Tuesday. Security researchers have reported seeing emails containing XLS attachments designed to exploit a yet… https://www.virusbulletin.com/blog/2008/03/olympic-emails-contain-malicious-xls-attachments/

Bumper Patch Tuesday short of one patch

Excel remains vulnerable as expected fix is dropped.
Excel remains vulnerable as expected fix is dropped.Microsoft has issued its monthly 'Patch Tuesday' set of security updates, with a larger than usual crop of patches for a variety… https://www.virusbulletin.com/blog/2008/02/bumper-patch-tuesday-short-one-patch/

More PDF exploits seen in wild

Adobe Reader and Acrobat flaws open way for further document attacks.
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe's PDF viewing and editing software, disclosed late last week by Adobe and… https://www.virusbulletin.com/blog/2008/02/more-pdf-exploits-seen-wild/

Yahoo! jukebox flaw exploits in wild

Zero day vulnerability in music system rapidly targeted.
Zero day vulnerability in music system rapidly targeted.Vulnerabilities in Yahoo! Jukebox, a free music-management system provided by Yahoo!, have been exploited by in-the-wild… https://www.virusbulletin.com/blog/2008/02/yahoo-jukebox-flaw-exploits-wild/

Microsoft alert on Excel vulnerability

Targeted exploitation of zero-day flaw seen in wild.
Targeted exploitation of zero-day flaw seen in wild.Microsoft has issued a security advisory on an unresolved vulnerability in its Excel software, which has been reported as a… https://www.virusbulletin.com/blog/2008/01/microsoft-alert-excel-vulnerability/

SQL attack hacks wide range of sites

CA among victims of major attack linking sites to malware.
CA among victims of major attack linking sites to malware. Huge numbers of legitimate websites - perhaps as many as 100,000 according to some reports - fell victim to hackers… https://www.virusbulletin.com/blog/2008/01/sql-attack-hacks-wide-range-sites/

Four IE bugs fixed by Patch Tuesday release

Seven updates, three critical in monthly security update.
Seven updates, three critical in monthly security update.Microsoft has released its monthly 'Patch Tuesday' security bulletin, featuring seven updates of which three are marked… https://www.virusbulletin.com/blog/2007/12/four-ie-bugs-fixed-patch-tuesday-release/

Grisoft acquires Exploit Prevention Labs

AVG to incorporate LinkScanner in further consolidation of security offerings.
AVG to incorporate LinkScanner in further consolidation of security offerings.Grisoft, developer of the AVG security product whose free version is widely deployed on home-user… https://www.virusbulletin.com/blog/2007/12/grisoft-acquires-exploit-prevention-labs/

SANS issues vulnerability top 20

Annual study of security risks finds software and humans present dangers.
Annual study of security risks finds software and humans present dangers. The SANS Institute has released its annual survey of vulnerabilities putting computer systems and networks… https://www.virusbulletin.com/blog/2007/11/sans-issues-vulnerability-top-20/

QuickTime flaw could open Windows PCs to hackers

Firefox users most vulnerable; Internet Explorer users should be wary too.
Firefox users most vulnerable; Internet Explorer users should be wary too. Polish security researcher Krystian Kloskowski has published a proof-of-concept exploit for a… https://www.virusbulletin.com/blog/2007/11/quicktime-flaw-could-open-windows-pcs-hackers/

Five-year-old design flaw found in all Windows versions

Microsoft engineers spend Thanksgiving holidays writing patch.
Microsoft engineers spend Thanksgiving holidays writing patch. During the Kiwicon conference earlier this month, ethical hacker Beau Butler from New Zealand disclosed a design flaw… https://www.virusbulletin.com/blog/2007/11/five-year-old-design-flaw-found-all-windows-versions/

Two fixes released on lightweight Patch Tuesday

Monthly security update covers just couple of dangers.
Monthly security update covers just couple of dangers.Microsoft has released its monthly 'Patch Tuesday' security bulletin, with only two patches issued, one rated 'Important' and… https://www.virusbulletin.com/blog/2007/11/two-fixes-released-lightweight-patch-tuesday/

PDF trojan exploits Adobe flaw

Reader/Acrobat vulnerability targeted day after patch release.
Reader/Acrobat vulnerability targeted day after patch release. A vulnerability in Adobe's popular PDF-viewing software Adobe Reader and editing suite Acrobat, first reported a… https://www.virusbulletin.com/blog/2007/10/pdf-trojan-exploits-adobe-flaw/

RealPlayer zero-day flaw exploited

Manufacturer responds rapidly to serious security hole.
Manufacturer responds rapidly to serious security hole. A zero-day vulnerability in the popular media playing system RealPlayer was spotted being exploited in the wild late last… https://www.virusbulletin.com/blog/2007/10/realplayer-zero-day-flaw-exploited/

Kaspersky fixes serious vulnerability in Online Scanner

Exploitable ActiveX control replaced in new version.
Exploitable ActiveX control replaced in new version.Kaspersky Lab has released an updated version of its popular free online scanner to remedy a vulnerability in an ActiveX control… https://www.virusbulletin.com/blog/2007/10/kaspersky-fixes-serious-vulnerability-online-scanner/

Word for Mac exploit spotted

Patch Tuesday flaw targeted by vulnerability.
Patch Tuesday flaw targeted by vulnerability. A vulnerability in the Apple Mac version of Microsoft Word, covered by a patch in this month's Patch Tuesday security update, has been… https://www.virusbulletin.com/blog/2007/10/word-mac-exploit-spotted/

4 out of 5 critical issues fixed on Patch Tuesday

Expected patch omitted from monthly security update.
Expected patch omitted from monthly security update.Microsoft has announced the contents of its monthly 'Patch Tuesday' security update release, with four 'Critical' and two… https://www.virusbulletin.com/blog/2007/10/4-out-5-critical-issues-fixed-patch-tuesday/

Adobe acknowledges PDF flaw, issues workaround

Registry hack provides temporary fix for vulnerability.
Registry hack provides temporary fix for vulnerability.Adobe has officially confirmed the vulnerability announced last month by researcher Petko Petkov, which could allow… https://www.virusbulletin.com/blog/2007/10/adobe-acknowledges-pdf-flaw-issues-workaround/

Sun patches serious Java flaws

Critical vulnerabilities covered by urgent patches.
Critical vulnerabilities covered by urgent patches.Sun Microsystems has issued a series of patches to fix several vulnerabilities in its popular Java software. Successful… https://www.virusbulletin.com/blog/2007/10/sun-patches-serious-java-flaws/

Alarm over possible PDF flaw

Vulnerability announcement hyped to disaster level.
Vulnerability announcement hyped to disaster level. The announcement of a potentially serious vulnerability in the ubiquitous Adobe PDF document format sparked considerable media… https://www.virusbulletin.com/blog/2007/10/alarm-over-possible-pdf-flaw/

« Previous 1234567 Next »