VB Blog

VBSpam tests to be executed under the AMTSO framework

Posted by   Virus Bulletin on   Jun 24, 2024

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

Read more  

In memoriam: Prof. Ross Anderson

Posted by   Virus Bulletin on   Apr 2, 2024

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

Read more  

In memoriam: Dr Alan Solomon

Posted by   Virus Bulletin on   Feb 14, 2024

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

Read more  

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

Posted by   Virus Bulletin on   Oct 12, 2023

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

Read more  

New paper: Collector-stealer: a Russian origin credential and information extractor

Posted by   Virus Bulletin on   Dec 8, 2021

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

Read more  

VB2021 localhost videos available on YouTube

Posted by   Virus Bulletin on   Nov 4, 2021

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

Read more  

VB2021 localhost is over, but the content is still available to view!

Posted by   Virus Bulletin on   Oct 11, 2021

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

Read more  

VB2021 localhost call for last-minute papers

Posted by   Virus Bulletin on   Aug 2, 2021

The call for last-minute papers for VB2021 localhost is now open. Submit before 20 August to have your paper considered for one of the slots reserved for 'hot' research!

Read more  

New article: Run your malicious VBA macros anywhere!

Posted by   Virus Bulletin on   Apr 21, 2021

Kurt Natvig explains how he recompiled malicious VBA macro code to valid harmless Python 3.x code.

Read more  

New article: Dissecting the design and vulnerabilities in AZORult C&C panels

Posted by   Virus Bulletin on   Apr 7, 2021

In a new article, Aditya K Sood looks at the command-and-control (C&C) design of the AZORult malware, discussing his team's findings related to the C&C design and some security issues they identified.

Read more  
Previous1234567...215Next

Search blog

Vulnerabilities closed in OpenOffice, StarOffice

Flaws patched in TIFF parsing code.
Flaws patched in TIFF parsing code. Security researchers at iDefense revealed last week that OpenOfficeversion 2.0.4 and earlier versions are vulnerable to maliciously crafted TIFF… https://www.virusbulletin.com/blog/2007/09/vulnerabilities-closed-openoffice-staroffice/

Quiet Patch Tuesday

Four flaws fixed in minimal security update.
Four flaws fixed in minimal security update.Microsoft's monthly 'Patch Tuesday' release of security updates for Windows and other software has been fairly quiet this month - with… https://www.virusbulletin.com/blog/2007/09/quiet-patch-tuesday/

Yahoo!-owned ad firm serves up trojans

Infectious flash adverts displayed on major sites.
Infectious flash adverts displayed on major sites. Advertising supplied by ad firm Right Media, a company bought out by web giant Yahoo! earlier this year after an initial… https://www.virusbulletin.com/blog/2007/09/yahoo-owned-ad-firm-serves-trojans/

Minor flaws patched in Sophos AV

Security vulnerabilities found and fixed.
Security vulnerabilities found and fixed. Two separate flaws have been reported in Sophos's anti-virus engine, affecting most of its product range and allowing security bypass and… https://www.virusbulletin.com/blog/2007/09/minor-flaws-patched-sophos-av/

String of vulnerabilities found in ServerProtect

Several minor holes patched in Trend Micro corporate product.
Several minor holes patched in Trend Micro corporate product. A series of security issues have been reported in Trend Micro's ServerProtect server-level product, which could allow… https://www.virusbulletin.com/blog/2007/08/string-vulnerabilities-found-serverprotect/

14 flaws fixed in bumper Patch Tuesday

Critical remote execution and hijack holes closed.
Critical remote execution and hijack holes closed.Microsoft's monthly 'Patch Tuesday' security bulletin includes nine separate bulletins this month, covering a total of 14… https://www.virusbulletin.com/blog/2007/08/14-flaws-fixed-bumper-patch-tuesday/

Storm e-card malware keeps on coming

No end to flood of fake friendly greetings.
No end to flood of fake friendly greetings. A further wave of e-cards carrying links to 'Storm' malware (various labelled Nuwar, Peacomm, Dorf, Zhelatin) has been hitting inboxes… https://www.virusbulletin.com/blog/2007/08/storm-e-card-malware-keeps-coming/

Webcam zero-day in Yahoo! Messenger

Video chat invites pose vulnerability danger.
Video chat invites pose vulnerability danger. A zero-day vulnerability has been reported in the webcam module of Yahoo! Messenger, allowing attackers remote access to systems open… https://www.virusbulletin.com/blog/2007/08/webcam-zero-day-yahoo-messenger/

Serious flaws patched in Norton 2006 products

Symantec users warned of vulnerabilities.
Symantec users warned of vulnerabilities. Users of Symantec's popular Norton AntiVirus and Norton Internet Security products are being urged to ensure they are running the latest… https://www.virusbulletin.com/blog/2007/08/serious-flaws-patched-norton-2006-products/

Series of products hit by vulnerabilities

Researcher finds flaws in ESET, Panda and Norman AV software.
Researcher finds flaws in ESET, Panda and Norman AV software. Researcher Sergio Alvarez has reported on vulnerabilities found in a string of anti-virus products this week, with… https://www.virusbulletin.com/blog/2007/07/series-products-hit-vulnerabilities/

Symantec, AVG suffer problems

Vulnerabilities and false positives strike major products.
Vulnerabilities and false positives strike major products.Symantec users have been warned of some serious issues with archive handling, across a wide range of software produced by… https://www.virusbulletin.com/blog/2007/07/symantec-avg-suffer-problems/

Controversy over IE-to-Firefox exploit

MS and Mozilla in row over blame for cross-browser attack.
MS and Mozilla in row over blame for cross-browser attack. An exploit which involves browsing to a malicious website using Internet Explorer, but then launches an attack via a… https://www.virusbulletin.com/blog/2007/07/controversy-over-ie-firefox-exploit/

7 flaws fixed in July Patch Tuesday release

Critical patches issued for Excel, Active Directory and .NET.
Critical patches issued for Excel, Active Directory and .NET.Microsoft has released a total of seven patches in its monthly 'Patch Tuesday' security update, with three of the… https://www.virusbulletin.com/blog/2007/07/7-flaws-fixed-july-patch-tuesday-release/

Fake updates and phony postcards carry malware

Microsoft patch and greetings card spams bring more trojans.
Microsoft patch and greetings card spams bring more trojans. Several spam runs posing as vulnerability alerts from Microsoft have been spotted in the last week, with links to… https://www.virusbulletin.com/blog/2007/07/fake-updates-and-phony-postcards-carry-malware/

Bugs found in Apple's new Windows browser within hours of release

Safari not so good-y.
Safari not so good-y. A number of security researchers say they found bugs in Apple's brand new web browser Safari for Windows just hours after its public beta release on 11 June.… https://www.virusbulletin.com/blog/2007/06/bugs-found-apple-s-new-windows-browser-within-hours-release/

4 critical flaws patched this Patch Tuesday

Microsoft's June Security Bulletin covers range of vulnerabilities.
Microsoft's June Security Bulletin covers range of vulnerabilities.Microsoft's latest 'Patch Tuesday' security bulletin, released yesterday, includes fixes for six vulnerabilities,… https://www.virusbulletin.com/blog/2007/06/4-critical-flaws-patched-patch-tuesday/

Serious holes in Yahoo! Messenger

Critical vulnerabilities fully disclosed.
Critical vulnerabilities fully disclosed. Two security flaws in the popular Yahoo! Messenger communications software have been reported, with full details available online before a… https://www.virusbulletin.com/blog/2007/06/serious-holes-yahoo-messenger/

CA struck by vulnerability

CAB handling issue affects swathe of products.
CAB handling issue affects swathe of products. Two flaws related to the handling of CAB archive files by the CA anti-virus engine have been reported, rendering products across CA's… https://www.virusbulletin.com/blog/2007/06/ca-struck-vulnerability/

Vulnerabilities strike more AV firms, and Mac too

F-Secure and Authentium patch holes, while Samba flaws worry Apple users.
F-Secure and Authentium patch holes, while Samba flaws worry Apple users. Users of Mac OS X, used to a cosy sense of security, have been warned of possible penetration vectors… https://www.virusbulletin.com/blog/2007/06/vulnerabilities-strike-more-av-firms-and-mac-too/

Overflows hit NOD32

Vulnerabilities disclosed after patching.
Vulnerabilities disclosed after patching. Two stack-overflow vulnerabilities have been disclosed in Eset's flagship NOD32 AntiVirus product, which could have been exploited to… https://www.virusbulletin.com/blog/2007/05/overflows-hit-nod32/

« Previous 1234567 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.