VB Blog

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

Posted by Martijn Grooten on Oct 28, 2019

Today we publish the VB2019 paper by RiskIQ researcher Yonathan Klijnsma, who looked at the Magecart web-skimming attacks.

Posted by Martijn Grooten on Oct 25, 2019

Today, we publish the videos of the VB2019 partner presentations by Michael Maltsev (Reason Cybersecurity) on webcam interception and protection, and by Jean-Ian Boutin and Anton Cherepanov (ESET) on the Buhtrap group.

Posted by Martijn Grooten on Oct 24, 2019

The web continues to be a major infection vector for malware and credential-stealing threats. In the VBWeb tests, we measure products' ability to block such threats and certify products that perform a good job at doing so.

Posted by Martijn Grooten on Oct 23, 2019

Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.

Posted by Virus Bulletin on Oct 22, 2019

The debate on responsible disclosure is about as old as IT security itself. In a guest post for Virus Bulletin Robert Neumann suggests we need to reconsider a one-size-fits-all solution and instead look for a well-respected independent organization to handle security issues.

Posted by Martijn Grooten on Oct 21, 2019

OpSec mistakes are what lead to many malware discoveries, and in the case of the Geost Android botnet the mistake was a really interesting one. Today we publish the VB2019 paper by Sebastian García, Maria Jose Erquiaga and Anna Shirokova on the Geost botnet, as well as the recording of Sebastian and Anna presenting their research in London.

Posted by Virus Bulletin on Oct 14, 2019

VB2019 Platinum partner Reason Cybersecurity presents a threat analysis report on the Save Yourself malware.

Posted by Virus Bulletin on Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.

Posted by Virus Bulletin on Sep 25, 2019

In a guest blog post VB2019 Silver partner Intezer outlines the importance of paying attention to Linux threats.

Posted by Martijn Grooten on Sep 18, 2019

On Monday, the infamous Emotet malware resumed its spam campaign to spread the latest version of the malware. As before, the malware successfully bypasses many email security products.

Previous1...89101112...215Next

Search blog

Bank's Twitter account hacked to send phishing messages

Important lessons for companies engaging in social media.
Important lessons for companies engaging in social media. Last week, the Twitter account of the Bank of Melbourne was hacked and used to send direct messages containing phishing… https://www.virusbulletin.com/blog/2011/09/bank-s-twitter-account-hacked-send-phishing-messages/

Outlook spam phishes for SMTP credentials

Login details would give spammers access to legitimate mail servers.
Login details would give spammers access to legitimate mail servers. A phishing scam has been identified that targets users of Microsoft Outlook and tries to obtain SMTP login… https://www.virusbulletin.com/blog/2011/06/outlook-spam-phishes-smtp-credentials/

Canada new hotbed for cybercriminal activity

Country's IP addresses less likely to be scrutinized.
Country's IP addresses less likely to be scrutinized. Security firm Websense has reported a significant increase in cybercrime originating in Canada. Hitherto, Canada and… https://www.virusbulletin.com/blog/2011/05/canada-new-hotbed-cybercriminal-activity/

Scammers take advantage of Epsilon data breach

Trojan hidden as security tool for affected customers.
Trojan hidden as security tool for affected customers. Scammers are currently taking advantage of the data breach that affected email security provider Epsilon recently, by… https://www.virusbulletin.com/blog/2011/04/scammers-take-advantage-epsilon-data-breach/

Major email service provider suffers data breach

Financial institutions among affected customers.
Financial institutions among affected customers. Email service provider Epsilon, which carries out email marketing for many major companies, has admitted it has fallen victim to a… https://www.virusbulletin.com/blog/2011/04/major-email-service-provider-suffers-data-breach/

Dutch most protected Europeans online

Bulgarians most likely to have become infected; financial losses most prevalent among Latvians.
Bulgarians most likely to have become infected; financial losses most prevalent among Latvians. For the occasion of Safer Internet Day on 8 February, Eurostat, the EU's statistical… https://www.virusbulletin.com/blog/2011/02/dutch-most-protected-europeans-online/

Phishing for different markets

Scam emails trying to steal CO2 emission credits and World-of-Warcraft accounts.
Scam emails trying to steal CO2 emission credits and World-of-Warcraft accounts. Two unrelated phishing campaigns seen doing the rounds recently show that it's not just real money… https://www.virusbulletin.com/blog/2011/01/phishing-different-markets/

Malicious applications target Orkut

Visitors to infected social network profiles redirected to phishing sites.
Visitors to infected social network profiles redirected to phishing sites. Users of the social networking site Orkut have found themselves targeted by malicious applications that… https://www.virusbulletin.com/blog/2010/11/malicious-applications-target-orkut/

Dutch banks report huge increase in online fraud

Users warned against phishing and becoming money mules.
Users warned against phishing and becoming money mules. Figures on online crime released by the association of Dutch banks (NVB) show a significant rise in indicents of online… https://www.virusbulletin.com/blog/2010/10/dutch-banks-report-huge-increase-online-fraud/

Project Honey Pot 'celebrates' billionth spam message

Facebook about to become most phished organization.
Facebook about to become most phished organization. Few people would celebrate receiving a billion spam messages, but those at Project Honey Pot must have been a little proud when… https://www.virusbulletin.com/blog/2009/12/project-honey-pot-celebrates-billionth-spam-message/

Webmail data leak hype deflated

Rumoured phishing explosion grabs headlines, reality much more mundane.
Rumoured phishing explosion grabs headlines, reality much more mundane. This week has seen some major news organisations picking up on the story of tens of thousands of sets of… https://www.virusbulletin.com/blog/2009/10/webmail-data-leak-hype-deflated/

VB announces latest VBSpam certification results

Two products achieve top level VBSpam Platinum award.
Two products achieve top level VBSpam Platinum award. Virus Bulletin has announced the results of its second comparative review of anti-spam products, revealing two top-level… https://www.virusbulletin.com/blog/2009/07/vb-announces-latest-vbspam-certification-results/

DKIM usage shows significant growth

US banks urged to use authentication method
US banks urged to use authentication method In a report on its website, Internet giant Cisco states it has been seeing almost 700,000 non-spam messages that contain valid DKIM… https://www.virusbulletin.com/blog/2009/06/dkim-usage-shows-significant-growth/

Digital attacks encroach on real world

Car park flyers trick victims to malicious site.
Car park flyers trick victims to malicious site. The online arena of scams and phishing took a worrying step into the real world last week, as researchers heard of a scam starting… https://www.virusbulletin.com/blog/2009/02/digital-attacks-encroach-real-world/

MS report finds phishing revenues overhyped

Huge earnings may be myth, say researchers.
Huge earnings may be myth, say researchers. A report from Microsoft analysing the potential income of phishers claims that the amounts taken from duped victims of online scams may… https://www.virusbulletin.com/blog/2009/01/ms-report-finds-phishing-revenues-overhyped/

CastleCops closes down

Security community project comes to an end.
Security community project comes to an end. Well-known volunteer group CastleCops, which ran campaigns to identify and bring down spamming and phishing operations for over five… https://www.virusbulletin.com/blog/2009/01/castlecops-closes-down/

Twitter hit by phishing and hacks

Popular micro-blog site latest target of link spammers.
Popular micro-blog site latest target of link spammers. The latest social networking craze, micro-blogging service Twitter, has joined the likes of MySpace and Facebook in being… https://www.virusbulletin.com/blog/2009/01/twitter-hit-phishing-and-hacks/

Sarkozy bank account raided by cybercrooks

Hackers steal from French president - phish suspected.
Hackers steal from French president - phish suspected. French president Nicolas Sarkozy has had his funds stolen from his bank account, apparently after a phishing email tricked… https://www.virusbulletin.com/blog/2008/10/sarkozy-bank-account-raided-cybercrooks/

Ham disguised as spam

Webshop makes mass-mailing look like phishing scam.
Webshop makes mass-mailing look like phishing scam. An email addressed to 'Dear customer', in which a user is asked to check their account details, using a link that does not lead… https://www.virusbulletin.com/blog/2008/10/ham-disguised-spam/

Researchers urge anti-phishing companies to share data

Estimate over $300 million lost annually because data is not shared.
Estimate over $300 million lost annually because data is not shared. Researchers have revealed malicious websites are often active for longer than they ought to be due to a lack of… https://www.virusbulletin.com/blog/2008/10/researchers-urge-anti-phishing-companies-share-data/

« Previous 1234 Next »