VB Blog

Malicious CCleaner update points to a major weakness in our infrastructure

Posted by Martijn Grooten on Sep 18, 2017

Researchers from Cisco Talos have found that a recent version of the widely used CCleaner tool installed malware on the machine.

Posted by Virus Bulletin on Sep 15, 2017

Though ransomware is far more profitable than using a compromised PC to mine bitcoins, the global distribution of malware means that there are many botnets for which mining is the most efficient way to extract money out of a PC.

Posted by Martijn Grooten on Sep 14, 2017

We preview the VB2017 paper by Julia Karpin and Anna Dorfman (F5 networks), in which they present a tool to decrypt encrypted parts of malware.

Posted by Martijn Grooten on Sep 13, 2017

We preview the VB2017 paper by Marco Romagna and Niek Jan van den Hout (The Hague University of Applied Sciences), in which they thoroughly analyse the motivations and modus operandy of hacktivists.

Posted by Martijn Grooten on Sep 13, 2017

Proof-of-concepts for bypasses of security products always sound scary, but how seriously should we take them? VB Editor Martijn Grooten lists three questions one should ask about any such bypass to determine how serious a threat it represents.

Posted by Martijn Grooten on Sep 12, 2017

Today, we announce two more 'Small Talks' for the VB2017 programme. In one of them, Neil Schwarzman will discuss the consequences of the GDPR for WHOIS and abuse research, while the other will be hosted by three members of EICAR, who will discuss its work on a trustworthiness strategy and minimum standard.

Posted by Martijn Grooten on Sep 11, 2017

From attacks on Ukraine's power grid to web shells, and from car hacking to ransomware: we announce the first nine 'last-minute' papers on the VB2017 programme.

Posted by Martijn Grooten on Sep 5, 2017

A lot of vulnerabilities that are discovered are never exploited in the wild. It is still important to patch them though.

Posted by Martijn Grooten on Sep 4, 2017

A security researcher found more than 700 million email addresses stored on a server used by a spam botnet, which gives us some insight into what the email lists used by spammers look like.

Posted by Martijn Grooten on Sep 4, 2017

We preview the VB2017 presentation by Tyrus Kamau (Euclid Security), who will talk about the state of cybersecurity in Africa, with a particular focus on his home country, Kenya.

Previous1...3031323334...215Next

Search blog

Bank's Twitter account hacked to send phishing messages

Important lessons for companies engaging in social media.
Important lessons for companies engaging in social media. Last week, the Twitter account of the Bank of Melbourne was hacked and used to send direct messages containing phishing… https://www.virusbulletin.com/blog/2011/09/bank-s-twitter-account-hacked-send-phishing-messages/

Outlook spam phishes for SMTP credentials

Login details would give spammers access to legitimate mail servers.
Login details would give spammers access to legitimate mail servers. A phishing scam has been identified that targets users of Microsoft Outlook and tries to obtain SMTP login… https://www.virusbulletin.com/blog/2011/06/outlook-spam-phishes-smtp-credentials/

Canada new hotbed for cybercriminal activity

Country's IP addresses less likely to be scrutinized.
Country's IP addresses less likely to be scrutinized. Security firm Websense has reported a significant increase in cybercrime originating in Canada. Hitherto, Canada and… https://www.virusbulletin.com/blog/2011/05/canada-new-hotbed-cybercriminal-activity/

Scammers take advantage of Epsilon data breach

Trojan hidden as security tool for affected customers.
Trojan hidden as security tool for affected customers. Scammers are currently taking advantage of the data breach that affected email security provider Epsilon recently, by… https://www.virusbulletin.com/blog/2011/04/scammers-take-advantage-epsilon-data-breach/

Major email service provider suffers data breach

Financial institutions among affected customers.
Financial institutions among affected customers. Email service provider Epsilon, which carries out email marketing for many major companies, has admitted it has fallen victim to a… https://www.virusbulletin.com/blog/2011/04/major-email-service-provider-suffers-data-breach/

Dutch most protected Europeans online

Bulgarians most likely to have become infected; financial losses most prevalent among Latvians.
Bulgarians most likely to have become infected; financial losses most prevalent among Latvians. For the occasion of Safer Internet Day on 8 February, Eurostat, the EU's statistical… https://www.virusbulletin.com/blog/2011/02/dutch-most-protected-europeans-online/

Phishing for different markets

Scam emails trying to steal CO2 emission credits and World-of-Warcraft accounts.
Scam emails trying to steal CO2 emission credits and World-of-Warcraft accounts. Two unrelated phishing campaigns seen doing the rounds recently show that it's not just real money… https://www.virusbulletin.com/blog/2011/01/phishing-different-markets/

Malicious applications target Orkut

Visitors to infected social network profiles redirected to phishing sites.
Visitors to infected social network profiles redirected to phishing sites. Users of the social networking site Orkut have found themselves targeted by malicious applications that… https://www.virusbulletin.com/blog/2010/11/malicious-applications-target-orkut/

Dutch banks report huge increase in online fraud

Users warned against phishing and becoming money mules.
Users warned against phishing and becoming money mules. Figures on online crime released by the association of Dutch banks (NVB) show a significant rise in indicents of online… https://www.virusbulletin.com/blog/2010/10/dutch-banks-report-huge-increase-online-fraud/

Project Honey Pot 'celebrates' billionth spam message

Facebook about to become most phished organization.
Facebook about to become most phished organization. Few people would celebrate receiving a billion spam messages, but those at Project Honey Pot must have been a little proud when… https://www.virusbulletin.com/blog/2009/12/project-honey-pot-celebrates-billionth-spam-message/

Webmail data leak hype deflated

Rumoured phishing explosion grabs headlines, reality much more mundane.
Rumoured phishing explosion grabs headlines, reality much more mundane. This week has seen some major news organisations picking up on the story of tens of thousands of sets of… https://www.virusbulletin.com/blog/2009/10/webmail-data-leak-hype-deflated/

VB announces latest VBSpam certification results

Two products achieve top level VBSpam Platinum award.
Two products achieve top level VBSpam Platinum award. Virus Bulletin has announced the results of its second comparative review of anti-spam products, revealing two top-level… https://www.virusbulletin.com/blog/2009/07/vb-announces-latest-vbspam-certification-results/

DKIM usage shows significant growth

US banks urged to use authentication method
US banks urged to use authentication method In a report on its website, Internet giant Cisco states it has been seeing almost 700,000 non-spam messages that contain valid DKIM… https://www.virusbulletin.com/blog/2009/06/dkim-usage-shows-significant-growth/

Digital attacks encroach on real world

Car park flyers trick victims to malicious site.
Car park flyers trick victims to malicious site. The online arena of scams and phishing took a worrying step into the real world last week, as researchers heard of a scam starting… https://www.virusbulletin.com/blog/2009/02/digital-attacks-encroach-real-world/

MS report finds phishing revenues overhyped

Huge earnings may be myth, say researchers.
Huge earnings may be myth, say researchers. A report from Microsoft analysing the potential income of phishers claims that the amounts taken from duped victims of online scams may… https://www.virusbulletin.com/blog/2009/01/ms-report-finds-phishing-revenues-overhyped/

CastleCops closes down

Security community project comes to an end.
Security community project comes to an end. Well-known volunteer group CastleCops, which ran campaigns to identify and bring down spamming and phishing operations for over five… https://www.virusbulletin.com/blog/2009/01/castlecops-closes-down/

Twitter hit by phishing and hacks

Popular micro-blog site latest target of link spammers.
Popular micro-blog site latest target of link spammers. The latest social networking craze, micro-blogging service Twitter, has joined the likes of MySpace and Facebook in being… https://www.virusbulletin.com/blog/2009/01/twitter-hit-phishing-and-hacks/

Sarkozy bank account raided by cybercrooks

Hackers steal from French president - phish suspected.
Hackers steal from French president - phish suspected. French president Nicolas Sarkozy has had his funds stolen from his bank account, apparently after a phishing email tricked… https://www.virusbulletin.com/blog/2008/10/sarkozy-bank-account-raided-cybercrooks/

Ham disguised as spam

Webshop makes mass-mailing look like phishing scam.
Webshop makes mass-mailing look like phishing scam. An email addressed to 'Dear customer', in which a user is asked to check their account details, using a link that does not lead… https://www.virusbulletin.com/blog/2008/10/ham-disguised-spam/

Researchers urge anti-phishing companies to share data

Estimate over $300 million lost annually because data is not shared.
Estimate over $300 million lost annually because data is not shared. Researchers have revealed malicious websites are often active for longer than they ought to be due to a lack of… https://www.virusbulletin.com/blog/2008/10/researchers-urge-anti-phishing-companies-share-data/

« Previous 1234 Next »