VB Blog

Avast to present technical details of CCleaner hack at VB2017

Posted by Martijn Grooten on Oct 2, 2017

The recently discovered malicious CCleaner version has become one of the biggest security stories of 2017. Two researchers from Avast, the company that had recently acquired CCleaner developer Piriform, will share the results of their investigations at VB2017 in Madrid this week.

Posted by Martijn Grooten on Oct 2, 2017

We preview the VB2017 paper by Kaspersky Lab researchers Juan Andrés Guerrero-Saade and Costin Raiu on fourth-party collection and its implications for attack attribution.

Posted by Martijn Grooten on Sep 29, 2017

We preview Patrick Wardle's VB2017 paper, in which the Synack researcher analyses the mysterious OSX/FruitFly malware by setting up a custom C&C server.

Posted by Martijn Grooten on Sep 28, 2017

More than 50 security industry experts will present conference papers to their peers at VB2017 next week, and there are several papers on the programme with a certain newsworthiness. There is still time for cybersecurity journalists to apply for a press pass.

Posted by Martijn Grooten on Sep 25, 2017

We preview the VB2017 paper by Dhia Mahjoub (OpenDNS) and Jason Passwaters (Intel471) who combine an actor-centric and a network-centric approach to analysing bulletproof hosting operations.

Posted by Martijn Grooten on Sep 22, 2017

As has become tradition, VB2017 will once again see a security industry table football tournament. Register your team now for some great fun and adrenaline-filled matches in between sessions in Madrid!

Posted by Martijn Grooten on Sep 21, 2017

Greater Manchester Police is one of many organizations still running Windows XP on some of its systems. This is bad practice, but the case against running XP is far more subtle than we often pretend it is.

Posted by Martijn Grooten on Sep 21, 2017

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.

Posted by Virus Bulletin on Sep 20, 2017

Activity monitoring by security products in general, and HTTPS traffic inspection in particular, are sensitive issues in the security community. There is a time and a place for them, VB's Martijn Grooten argues, but only when they are done right.

Posted by Martijn Grooten on Sep 19, 2017

We preview the VB2017 paper by Fortinet researcher Axelle Apvrille, in which she looks at some less obvious tools for reverse engineering Android malware.

Previous1...2930313233...215Next

Search blog

Bank's Twitter account hacked to send phishing messages

Important lessons for companies engaging in social media.
Important lessons for companies engaging in social media. Last week, the Twitter account of the Bank of Melbourne was hacked and used to send direct messages containing phishing… https://www.virusbulletin.com/blog/2011/09/bank-s-twitter-account-hacked-send-phishing-messages/

Outlook spam phishes for SMTP credentials

Login details would give spammers access to legitimate mail servers.
Login details would give spammers access to legitimate mail servers. A phishing scam has been identified that targets users of Microsoft Outlook and tries to obtain SMTP login… https://www.virusbulletin.com/blog/2011/06/outlook-spam-phishes-smtp-credentials/

Canada new hotbed for cybercriminal activity

Country's IP addresses less likely to be scrutinized.
Country's IP addresses less likely to be scrutinized. Security firm Websense has reported a significant increase in cybercrime originating in Canada. Hitherto, Canada and… https://www.virusbulletin.com/blog/2011/05/canada-new-hotbed-cybercriminal-activity/

Scammers take advantage of Epsilon data breach

Trojan hidden as security tool for affected customers.
Trojan hidden as security tool for affected customers. Scammers are currently taking advantage of the data breach that affected email security provider Epsilon recently, by… https://www.virusbulletin.com/blog/2011/04/scammers-take-advantage-epsilon-data-breach/

Major email service provider suffers data breach

Financial institutions among affected customers.
Financial institutions among affected customers. Email service provider Epsilon, which carries out email marketing for many major companies, has admitted it has fallen victim to a… https://www.virusbulletin.com/blog/2011/04/major-email-service-provider-suffers-data-breach/

Dutch most protected Europeans online

Bulgarians most likely to have become infected; financial losses most prevalent among Latvians.
Bulgarians most likely to have become infected; financial losses most prevalent among Latvians. For the occasion of Safer Internet Day on 8 February, Eurostat, the EU's statistical… https://www.virusbulletin.com/blog/2011/02/dutch-most-protected-europeans-online/

Phishing for different markets

Scam emails trying to steal CO2 emission credits and World-of-Warcraft accounts.
Scam emails trying to steal CO2 emission credits and World-of-Warcraft accounts. Two unrelated phishing campaigns seen doing the rounds recently show that it's not just real money… https://www.virusbulletin.com/blog/2011/01/phishing-different-markets/

Malicious applications target Orkut

Visitors to infected social network profiles redirected to phishing sites.
Visitors to infected social network profiles redirected to phishing sites. Users of the social networking site Orkut have found themselves targeted by malicious applications that… https://www.virusbulletin.com/blog/2010/11/malicious-applications-target-orkut/

Dutch banks report huge increase in online fraud

Users warned against phishing and becoming money mules.
Users warned against phishing and becoming money mules. Figures on online crime released by the association of Dutch banks (NVB) show a significant rise in indicents of online… https://www.virusbulletin.com/blog/2010/10/dutch-banks-report-huge-increase-online-fraud/

Project Honey Pot 'celebrates' billionth spam message

Facebook about to become most phished organization.
Facebook about to become most phished organization. Few people would celebrate receiving a billion spam messages, but those at Project Honey Pot must have been a little proud when… https://www.virusbulletin.com/blog/2009/12/project-honey-pot-celebrates-billionth-spam-message/

Webmail data leak hype deflated

Rumoured phishing explosion grabs headlines, reality much more mundane.
Rumoured phishing explosion grabs headlines, reality much more mundane. This week has seen some major news organisations picking up on the story of tens of thousands of sets of… https://www.virusbulletin.com/blog/2009/10/webmail-data-leak-hype-deflated/

VB announces latest VBSpam certification results

Two products achieve top level VBSpam Platinum award.
Two products achieve top level VBSpam Platinum award. Virus Bulletin has announced the results of its second comparative review of anti-spam products, revealing two top-level… https://www.virusbulletin.com/blog/2009/07/vb-announces-latest-vbspam-certification-results/

DKIM usage shows significant growth

US banks urged to use authentication method
US banks urged to use authentication method In a report on its website, Internet giant Cisco states it has been seeing almost 700,000 non-spam messages that contain valid DKIM… https://www.virusbulletin.com/blog/2009/06/dkim-usage-shows-significant-growth/

Digital attacks encroach on real world

Car park flyers trick victims to malicious site.
Car park flyers trick victims to malicious site. The online arena of scams and phishing took a worrying step into the real world last week, as researchers heard of a scam starting… https://www.virusbulletin.com/blog/2009/02/digital-attacks-encroach-real-world/

MS report finds phishing revenues overhyped

Huge earnings may be myth, say researchers.
Huge earnings may be myth, say researchers. A report from Microsoft analysing the potential income of phishers claims that the amounts taken from duped victims of online scams may… https://www.virusbulletin.com/blog/2009/01/ms-report-finds-phishing-revenues-overhyped/

CastleCops closes down

Security community project comes to an end.
Security community project comes to an end. Well-known volunteer group CastleCops, which ran campaigns to identify and bring down spamming and phishing operations for over five… https://www.virusbulletin.com/blog/2009/01/castlecops-closes-down/

Twitter hit by phishing and hacks

Popular micro-blog site latest target of link spammers.
Popular micro-blog site latest target of link spammers. The latest social networking craze, micro-blogging service Twitter, has joined the likes of MySpace and Facebook in being… https://www.virusbulletin.com/blog/2009/01/twitter-hit-phishing-and-hacks/

Sarkozy bank account raided by cybercrooks

Hackers steal from French president - phish suspected.
Hackers steal from French president - phish suspected. French president Nicolas Sarkozy has had his funds stolen from his bank account, apparently after a phishing email tricked… https://www.virusbulletin.com/blog/2008/10/sarkozy-bank-account-raided-cybercrooks/

Ham disguised as spam

Webshop makes mass-mailing look like phishing scam.
Webshop makes mass-mailing look like phishing scam. An email addressed to 'Dear customer', in which a user is asked to check their account details, using a link that does not lead… https://www.virusbulletin.com/blog/2008/10/ham-disguised-spam/

Researchers urge anti-phishing companies to share data

Estimate over $300 million lost annually because data is not shared.
Estimate over $300 million lost annually because data is not shared. Researchers have revealed malicious websites are often active for longer than they ought to be due to a lack of… https://www.virusbulletin.com/blog/2008/10/researchers-urge-anti-phishing-companies-share-data/

« Previous 1234 Next »