VB Blog

VB2020 presentation & paper: Advanced Pasta Threat: mapping threat actor usage of open-source offensive security tools

Posted by   Virus Bulletin on   Dec 2, 2020

At VB2020, researcher Paul Litvak revealed how he put together a comprehensive map of threat actor use of open-source offensive security tools.

Read more  

VB2020 presentation: Evolution of Excel 4.0 macro weaponization

Posted by   Virus Bulletin on   Nov 30, 2020

At VB2020 localhost James Haughom, Stefano Ortolani and Baibhav Singh gave a presentation in which they described how XL4 macros are being weaponised and the evolution of the techniques used.

Read more  

Cybersecurity Assessment Tool launched by Ford Foundation

Posted by   Virus Bulletin on   Nov 20, 2020

The Ford Foundation has launched a tool designed to help nonprofit organizations assess their own cybersecurity efforts.

Read more  

VB2020 presentation: Another threat actor day…

Posted by   Virus Bulletin on   Nov 19, 2020

At VB2020 localhost Paul Jung, of Excellium Services, detailed an incident response that he and his team faced when, in December 2019, a Belgian hospital required their help to manage a breach of their informations system.

Read more  

VB2020 presentation: Ramsay: a cyber-espionage toolkit tailored for air-gapped networks

Posted by   Virus Bulletin on   Nov 16, 2020

At VB2020 localhost, ESET researcher Ignacio Sanmillan spoke about Ramsay, a toolkit specifically designed to steal documents and operate within air-gapped networks.

Read more  

VB2020 TIPS presentation: Business Email Compromise – Scalable Attribution Powering Industry and Law Enforcement Collaboration

Posted by   Virus Bulletin on   Nov 12, 2020

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing.

Read more  

VB2020 TIPS presentation: Collaborating with Competitors: A Better Strategy to Beat Adversaries

Posted by   Virus Bulletin on   Nov 3, 2020

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing.

Read more  

VB2020 TIPS presentations: cybercrime in the DACH region and ransomware in LATAM

Posted by   Virus Bulletin on   Oct 27, 2020

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing

Read more  

VB2020 TIPS presentation: Intelligence Sharing for Supply Chain Security

Posted by   Virus Bulletin on   Oct 21, 2020

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing.

Read more  

VB2020 localhost is over, but the content is still available to view!

Posted by   Virus Bulletin on   Oct 6, 2020

VB2020 localhost - VB's first foray into the world of virtual conferences - took place last week, but you can still watch all the presentations.

Read more  
Previous1234567...215Next

Search blog

'Olympic' emails contain malicious XLS attachments

Malware writers sprint to use vulnerabilities before next Patch Tuesday.
Malware writers sprint to use vulnerabilities before next Patch Tuesday. Security researchers have reported seeing emails containing XLS attachments designed to exploit a yet… https://www.virusbulletin.com/blog/2008/03/olympic-emails-contain-malicious-xls-attachments/

Bumper Patch Tuesday short of one patch

Excel remains vulnerable as expected fix is dropped.
Excel remains vulnerable as expected fix is dropped.Microsoft has issued its monthly 'Patch Tuesday' set of security updates, with a larger than usual crop of patches for a variety… https://www.virusbulletin.com/blog/2008/02/bumper-patch-tuesday-short-one-patch/

More PDF exploits seen in wild

Adobe Reader and Acrobat flaws open way for further document attacks.
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe's PDF viewing and editing software, disclosed late last week by Adobe and… https://www.virusbulletin.com/blog/2008/02/more-pdf-exploits-seen-wild/

Yahoo! jukebox flaw exploits in wild

Zero day vulnerability in music system rapidly targeted.
Zero day vulnerability in music system rapidly targeted.Vulnerabilities in Yahoo! Jukebox, a free music-management system provided by Yahoo!, have been exploited by in-the-wild… https://www.virusbulletin.com/blog/2008/02/yahoo-jukebox-flaw-exploits-wild/

Microsoft alert on Excel vulnerability

Targeted exploitation of zero-day flaw seen in wild.
Targeted exploitation of zero-day flaw seen in wild.Microsoft has issued a security advisory on an unresolved vulnerability in its Excel software, which has been reported as a… https://www.virusbulletin.com/blog/2008/01/microsoft-alert-excel-vulnerability/

SQL attack hacks wide range of sites

CA among victims of major attack linking sites to malware.
CA among victims of major attack linking sites to malware. Huge numbers of legitimate websites - perhaps as many as 100,000 according to some reports - fell victim to hackers… https://www.virusbulletin.com/blog/2008/01/sql-attack-hacks-wide-range-sites/

Four IE bugs fixed by Patch Tuesday release

Seven updates, three critical in monthly security update.
Seven updates, three critical in monthly security update.Microsoft has released its monthly 'Patch Tuesday' security bulletin, featuring seven updates of which three are marked… https://www.virusbulletin.com/blog/2007/12/four-ie-bugs-fixed-patch-tuesday-release/

Grisoft acquires Exploit Prevention Labs

AVG to incorporate LinkScanner in further consolidation of security offerings.
AVG to incorporate LinkScanner in further consolidation of security offerings.Grisoft, developer of the AVG security product whose free version is widely deployed on home-user… https://www.virusbulletin.com/blog/2007/12/grisoft-acquires-exploit-prevention-labs/

SANS issues vulnerability top 20

Annual study of security risks finds software and humans present dangers.
Annual study of security risks finds software and humans present dangers. The SANS Institute has released its annual survey of vulnerabilities putting computer systems and networks… https://www.virusbulletin.com/blog/2007/11/sans-issues-vulnerability-top-20/

QuickTime flaw could open Windows PCs to hackers

Firefox users most vulnerable; Internet Explorer users should be wary too.
Firefox users most vulnerable; Internet Explorer users should be wary too. Polish security researcher Krystian Kloskowski has published a proof-of-concept exploit for a… https://www.virusbulletin.com/blog/2007/11/quicktime-flaw-could-open-windows-pcs-hackers/

Five-year-old design flaw found in all Windows versions

Microsoft engineers spend Thanksgiving holidays writing patch.
Microsoft engineers spend Thanksgiving holidays writing patch. During the Kiwicon conference earlier this month, ethical hacker Beau Butler from New Zealand disclosed a design flaw… https://www.virusbulletin.com/blog/2007/11/five-year-old-design-flaw-found-all-windows-versions/

Two fixes released on lightweight Patch Tuesday

Monthly security update covers just couple of dangers.
Monthly security update covers just couple of dangers.Microsoft has released its monthly 'Patch Tuesday' security bulletin, with only two patches issued, one rated 'Important' and… https://www.virusbulletin.com/blog/2007/11/two-fixes-released-lightweight-patch-tuesday/

PDF trojan exploits Adobe flaw

Reader/Acrobat vulnerability targeted day after patch release.
Reader/Acrobat vulnerability targeted day after patch release. A vulnerability in Adobe's popular PDF-viewing software Adobe Reader and editing suite Acrobat, first reported a… https://www.virusbulletin.com/blog/2007/10/pdf-trojan-exploits-adobe-flaw/

RealPlayer zero-day flaw exploited

Manufacturer responds rapidly to serious security hole.
Manufacturer responds rapidly to serious security hole. A zero-day vulnerability in the popular media playing system RealPlayer was spotted being exploited in the wild late last… https://www.virusbulletin.com/blog/2007/10/realplayer-zero-day-flaw-exploited/

Kaspersky fixes serious vulnerability in Online Scanner

Exploitable ActiveX control replaced in new version.
Exploitable ActiveX control replaced in new version.Kaspersky Lab has released an updated version of its popular free online scanner to remedy a vulnerability in an ActiveX control… https://www.virusbulletin.com/blog/2007/10/kaspersky-fixes-serious-vulnerability-online-scanner/

Word for Mac exploit spotted

Patch Tuesday flaw targeted by vulnerability.
Patch Tuesday flaw targeted by vulnerability. A vulnerability in the Apple Mac version of Microsoft Word, covered by a patch in this month's Patch Tuesday security update, has been… https://www.virusbulletin.com/blog/2007/10/word-mac-exploit-spotted/

4 out of 5 critical issues fixed on Patch Tuesday

Expected patch omitted from monthly security update.
Expected patch omitted from monthly security update.Microsoft has announced the contents of its monthly 'Patch Tuesday' security update release, with four 'Critical' and two… https://www.virusbulletin.com/blog/2007/10/4-out-5-critical-issues-fixed-patch-tuesday/

Adobe acknowledges PDF flaw, issues workaround

Registry hack provides temporary fix for vulnerability.
Registry hack provides temporary fix for vulnerability.Adobe has officially confirmed the vulnerability announced last month by researcher Petko Petkov, which could allow… https://www.virusbulletin.com/blog/2007/10/adobe-acknowledges-pdf-flaw-issues-workaround/

Sun patches serious Java flaws

Critical vulnerabilities covered by urgent patches.
Critical vulnerabilities covered by urgent patches.Sun Microsystems has issued a series of patches to fix several vulnerabilities in its popular Java software. Successful… https://www.virusbulletin.com/blog/2007/10/sun-patches-serious-java-flaws/

Alarm over possible PDF flaw

Vulnerability announcement hyped to disaster level.
Vulnerability announcement hyped to disaster level. The announcement of a potentially serious vulnerability in the ubiquitous Adobe PDF document format sparked considerable media… https://www.virusbulletin.com/blog/2007/10/alarm-over-possible-pdf-flaw/

« Previous 1234567 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.