VB Blog

Alleged author of creepy FruitFly macOS malware arrested

Posted by Martijn Grooten on Jan 11, 2018

A 28-year old man from Ohio has been arrested on suspicion of having created the mysterious FruitFly malware that targeted macOS and used it to spy on its victims.

Posted by Martijn Grooten on Jan 10, 2018

At the start of the new year, Virus Bulletin looks back at the threats seen in the 2017 and at the security products that are available to help mitigate them.

Posted by Martijn Grooten on Jan 9, 2018

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.

Posted by Martijn Grooten on Jan 5, 2018

As tech support scammers continue to target the computer illiterate through cold calling, VB's Martijn Grooten uses his own experience to share some advice on how to investigate such scams.

Posted by Martijn Grooten on Jan 4, 2018

Just four days into the new year, two serious attacks in modern processors, dubbed Meltdown and Spectre, have been discovered. The attacks can be mitigated by patches to the operating system, but anti-virus software vendors need to make sure their products are compatible with the patches.

Posted by Martijn Grooten on Dec 22, 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.

Posted by Virus Bulletin on Dec 22, 2017

Virus Bulletin researchers report back from a very interesting fifth edition of Botconf, the botnet fighting conference.

Posted by Martijn Grooten on Dec 21, 2017

(In)security is a global issue that affects countries around the world, but in recent years none has been so badly hit as Ukraine. Today, we publish the videos of two VB2017 talks about attacks that hit Ukraine particularly badly: a talk by Alexander Adamov (NioGuard) on (Not)Petya and related attacks, and another by Robert Lipovsky and Anton Cherepanov (ESET) on Industroyer.

Posted by Martijn Grooten on Dec 21, 2017

On its website, Facebook now shows which emails it has sent you recently, thus helping you to determine which emails are real, and which should be discarded as phishing.

Posted by Martijn Grooten on Dec 19, 2017

Clarification in the language of the Wassenaar Arrangement, a multilateral export control regime for conventional arms and dual-use goods and technologies, means those involved in vulnerability disclosure or botnet takedown won't have to worry about acquiring an export licence.

Previous1...2526272829...215Next

Search blog

'Olympic' emails contain malicious XLS attachments

Malware writers sprint to use vulnerabilities before next Patch Tuesday.
Malware writers sprint to use vulnerabilities before next Patch Tuesday. Security researchers have reported seeing emails containing XLS attachments designed to exploit a yet… https://www.virusbulletin.com/blog/2008/03/olympic-emails-contain-malicious-xls-attachments/

Bumper Patch Tuesday short of one patch

Excel remains vulnerable as expected fix is dropped.
Excel remains vulnerable as expected fix is dropped.Microsoft has issued its monthly 'Patch Tuesday' set of security updates, with a larger than usual crop of patches for a variety… https://www.virusbulletin.com/blog/2008/02/bumper-patch-tuesday-short-one-patch/

More PDF exploits seen in wild

Adobe Reader and Acrobat flaws open way for further document attacks.
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe's PDF viewing and editing software, disclosed late last week by Adobe and… https://www.virusbulletin.com/blog/2008/02/more-pdf-exploits-seen-wild/

Yahoo! jukebox flaw exploits in wild

Zero day vulnerability in music system rapidly targeted.
Zero day vulnerability in music system rapidly targeted.Vulnerabilities in Yahoo! Jukebox, a free music-management system provided by Yahoo!, have been exploited by in-the-wild… https://www.virusbulletin.com/blog/2008/02/yahoo-jukebox-flaw-exploits-wild/

Microsoft alert on Excel vulnerability

Targeted exploitation of zero-day flaw seen in wild.
Targeted exploitation of zero-day flaw seen in wild.Microsoft has issued a security advisory on an unresolved vulnerability in its Excel software, which has been reported as a… https://www.virusbulletin.com/blog/2008/01/microsoft-alert-excel-vulnerability/

SQL attack hacks wide range of sites

CA among victims of major attack linking sites to malware.
CA among victims of major attack linking sites to malware. Huge numbers of legitimate websites - perhaps as many as 100,000 according to some reports - fell victim to hackers… https://www.virusbulletin.com/blog/2008/01/sql-attack-hacks-wide-range-sites/

Four IE bugs fixed by Patch Tuesday release

Seven updates, three critical in monthly security update.
Seven updates, three critical in monthly security update.Microsoft has released its monthly 'Patch Tuesday' security bulletin, featuring seven updates of which three are marked… https://www.virusbulletin.com/blog/2007/12/four-ie-bugs-fixed-patch-tuesday-release/

Grisoft acquires Exploit Prevention Labs

AVG to incorporate LinkScanner in further consolidation of security offerings.
AVG to incorporate LinkScanner in further consolidation of security offerings.Grisoft, developer of the AVG security product whose free version is widely deployed on home-user… https://www.virusbulletin.com/blog/2007/12/grisoft-acquires-exploit-prevention-labs/

SANS issues vulnerability top 20

Annual study of security risks finds software and humans present dangers.
Annual study of security risks finds software and humans present dangers. The SANS Institute has released its annual survey of vulnerabilities putting computer systems and networks… https://www.virusbulletin.com/blog/2007/11/sans-issues-vulnerability-top-20/

QuickTime flaw could open Windows PCs to hackers

Firefox users most vulnerable; Internet Explorer users should be wary too.
Firefox users most vulnerable; Internet Explorer users should be wary too. Polish security researcher Krystian Kloskowski has published a proof-of-concept exploit for a… https://www.virusbulletin.com/blog/2007/11/quicktime-flaw-could-open-windows-pcs-hackers/

Five-year-old design flaw found in all Windows versions

Microsoft engineers spend Thanksgiving holidays writing patch.
Microsoft engineers spend Thanksgiving holidays writing patch. During the Kiwicon conference earlier this month, ethical hacker Beau Butler from New Zealand disclosed a design flaw… https://www.virusbulletin.com/blog/2007/11/five-year-old-design-flaw-found-all-windows-versions/

Two fixes released on lightweight Patch Tuesday

Monthly security update covers just couple of dangers.
Monthly security update covers just couple of dangers.Microsoft has released its monthly 'Patch Tuesday' security bulletin, with only two patches issued, one rated 'Important' and… https://www.virusbulletin.com/blog/2007/11/two-fixes-released-lightweight-patch-tuesday/

PDF trojan exploits Adobe flaw

Reader/Acrobat vulnerability targeted day after patch release.
Reader/Acrobat vulnerability targeted day after patch release. A vulnerability in Adobe's popular PDF-viewing software Adobe Reader and editing suite Acrobat, first reported a… https://www.virusbulletin.com/blog/2007/10/pdf-trojan-exploits-adobe-flaw/

RealPlayer zero-day flaw exploited

Manufacturer responds rapidly to serious security hole.
Manufacturer responds rapidly to serious security hole. A zero-day vulnerability in the popular media playing system RealPlayer was spotted being exploited in the wild late last… https://www.virusbulletin.com/blog/2007/10/realplayer-zero-day-flaw-exploited/

Kaspersky fixes serious vulnerability in Online Scanner

Exploitable ActiveX control replaced in new version.
Exploitable ActiveX control replaced in new version.Kaspersky Lab has released an updated version of its popular free online scanner to remedy a vulnerability in an ActiveX control… https://www.virusbulletin.com/blog/2007/10/kaspersky-fixes-serious-vulnerability-online-scanner/

Word for Mac exploit spotted

Patch Tuesday flaw targeted by vulnerability.
Patch Tuesday flaw targeted by vulnerability. A vulnerability in the Apple Mac version of Microsoft Word, covered by a patch in this month's Patch Tuesday security update, has been… https://www.virusbulletin.com/blog/2007/10/word-mac-exploit-spotted/

4 out of 5 critical issues fixed on Patch Tuesday

Expected patch omitted from monthly security update.
Expected patch omitted from monthly security update.Microsoft has announced the contents of its monthly 'Patch Tuesday' security update release, with four 'Critical' and two… https://www.virusbulletin.com/blog/2007/10/4-out-5-critical-issues-fixed-patch-tuesday/

Adobe acknowledges PDF flaw, issues workaround

Registry hack provides temporary fix for vulnerability.
Registry hack provides temporary fix for vulnerability.Adobe has officially confirmed the vulnerability announced last month by researcher Petko Petkov, which could allow… https://www.virusbulletin.com/blog/2007/10/adobe-acknowledges-pdf-flaw-issues-workaround/

Sun patches serious Java flaws

Critical vulnerabilities covered by urgent patches.
Critical vulnerabilities covered by urgent patches.Sun Microsystems has issued a series of patches to fix several vulnerabilities in its popular Java software. Successful… https://www.virusbulletin.com/blog/2007/10/sun-patches-serious-java-flaws/

Alarm over possible PDF flaw

Vulnerability announcement hyped to disaster level.
Vulnerability announcement hyped to disaster level. The announcement of a potentially serious vulnerability in the ubiquitous Adobe PDF document format sparked considerable media… https://www.virusbulletin.com/blog/2007/10/alarm-over-possible-pdf-flaw/

« Previous 1234567 Next »