VB Blog

VBSpam tests to be executed under the AMTSO framework

Posted by Virus Bulletin on Jun 24, 2024

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

Posted by Virus Bulletin on Apr 2, 2024

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

Posted by Virus Bulletin on Feb 14, 2024

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

Posted by Virus Bulletin on Oct 12, 2023

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

Posted by Virus Bulletin on Dec 8, 2021

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

Posted by Virus Bulletin on Nov 4, 2021

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

Posted by Virus Bulletin on Oct 11, 2021

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

Posted by Virus Bulletin on Aug 2, 2021

The call for last-minute papers for VB2021 localhost is now open. Submit before 20 August to have your paper considered for one of the slots reserved for 'hot' research!

Posted by Virus Bulletin on Apr 21, 2021

Kurt Natvig explains how he recompiled malicious VBA macro code to valid harmless Python 3.x code.

Posted by Virus Bulletin on Apr 7, 2021

In a new article, Aditya K Sood looks at the command-and-control (C&C) design of the AZORult malware, discussing his team's findings related to the C&C design and some security issues they identified.

Previous1234567...215Next

Search blog

Google shows off in-house browser beta

Open-source 'Chrome' promises security as well as efficiency.
Open-source 'Chrome' promises security as well as efficiency. Ever-expanding web giant Google has released an early version of its own browser, developed in house but under… https://www.virusbulletin.com/blog/2008/09/google-shows-house-browser-beta/

Net threats cost US $8.5 billion in two years

Study measures scale of scamming and other web worries.
Study measures scale of scamming and other web worries. US consumer watchdog body Consumer Reports have released their annual 'State of the Net' study, finding a noticeable decline… https://www.virusbulletin.com/blog/2008/08/net-threats-cost-us-8-5-billion-two-years/

Spam and ID theft attacked from all sides

EU body issues warning, ICANN, Japan and Yahoo! take on spammers and phishers.
EU body issues warning, ICANN, Japan and Yahoo! take on spammers and phishers. Last week a series of major institutions took action highlighting the threat of spam and phishing,… https://www.virusbulletin.com/blog/2008/06/spam-and-id-theft-attacked-all-sides/

Phishing on rise, but anti-phishers fighting back

As UK banking body reports major increase in phishes, PayPal unveils blocking strategy.
As UK banking body reports major increase in phishes, PayPal unveils blocking strategy. A report from the UK payments industry association APACS has shown a dramatic increase in… https://www.virusbulletin.com/blog/2008/04/phishing-rise-anti-phishers-fighting-back/

Users of online banking 'should have adequate protection'

New UK banking code says customers who keep their PCs secure will not be responsible for losses due to online theft.
New UK banking code says customers who keep their PCs secure will not be responsible for losses due to online theft. A new banking code launched earlier this week by the British'… https://www.virusbulletin.com/blog/2008/04/users-online-banking-should-have-adequate-protection/

Vish implanted in phishing warning

Doctored bank alert includes phony phone number.
Doctored bank alert includes phony phone number. A spammed-out email has been spotted posing as a phishing warning from US credit union Kessler Federal, with some very sensible… https://www.virusbulletin.com/blog/2008/02/vish-implanted-phishing-warning/

Meta-phishing

Phishing warning contains link to... phishing site.
Phishing warning contains link to... phishing site. The anti-malware industry can congratulate itself for there being an increasing awareness among users about phishing. Users are… https://www.virusbulletin.com/blog/2008/02/meta-phishing/

Phishers phishing phishers' phishes

Scam software secretly sending stolen data to creators.
Scam software secretly sending stolen data to creators.Phishing researchers have uncovered code buried in phishing software kits, sold by developers to less technically aware… https://www.virusbulletin.com/blog/2008/02/phishers-phishing-phishers-phishes/

Complex attack targets Better Business Bureau

Sophisticated scam uses personalised mails, real site redirects.
Sophisticated scam uses personalised mails, real site redirects. A highly sophisticated email phishing scam is using a redirection flaw in the website of the Better Business Bureau… https://www.virusbulletin.com/blog/2008/02/complex-attack-targets-better-business-bureau/

419 scammers plead guilty in US

African trio admit attempts to defraud via spam.
African trio admit attempts to defraud via spam. Three men, two from Nigeria and a third from Senegal, entered guilty pleas in a Brooklyn, New York, courtroom last week after being… https://www.virusbulletin.com/blog/2008/02/419-scammers-plead-guilty-us/

US agencies report vishing, extortion, danger of hacking

FBI name used in email attacks, CIA warns of power supply hacks.
FBI name used in email attacks, CIA warns of power supply hacks. US security and law enforcement agencies were more than usually active in the computer security world last week,… https://www.virusbulletin.com/blog/2008/01/us-agencies-report-vishing-extortion-danger-hacking/

Help for victims of e-crime

Cybercrime support website launched.
Cybercrime support website launched. A website dedicated to helping victims of online crime and other incidents has been launched in the UK. The site, www.e-victims.org, aims to… https://www.virusbulletin.com/blog/2008/01/help-victims-e-crime/

Phishing danger increases as Storm botnet is hired out

Smart new trojan and Storm diversification add to online banking risk.
Smart new trojan and Storm diversification add to online banking risk. The dangers of banking online grew significantly in past weeks, as portions of the ever-expanding Storm… https://www.virusbulletin.com/blog/2008/01/phishing-danger-increases-storm-botnet-hired-out/

$3.2 billion lost in phishing attacks in 2007

Gartner survey reveals US losses to phishing gangs.
Gartner survey reveals US losses to phishing gangs. Analyst firm Gartner has estimated that $3.2 billion was lost by 3.6 million US computer users in phishing attacks over the 12… https://www.virusbulletin.com/blog/2007/12/3-2-billion-lost-phishing-attacks-2007/

One in four consider online banking unsafe

Virus Bulletin finds that one in four users consider online banking to be unsafe, but manage their accounts online regardless, while 50% of users consider online banking to be risk free.
Virus Bulletin finds that one in four users consider online banking to be unsafe, but manage their accounts online regardless, while 50% of users consider online banking to be risk… https://www.virusbulletin.com/blog/2007/11/one-four-consider-online-banking-unsafe/

Phished Salesforce.com data used for phishing attacks

Password leak leads to major CRM customer data haul.
Password leak leads to major CRM customer data haul. A security breach at customer relationship management (CRM) firm Salesforce.com has led to a large-scale leak of confidential… https://www.virusbulletin.com/blog/2007/11/phished-salesforce-com-data-used-phishing-attacks/

Phishing trojan targets Mac OSX

DNS hijack disguised as codec threatens Apple systems.
DNS hijack disguised as codec threatens Apple systems. A new trojan affecting Apple's Mac OSX operating system - a relative rarity in the malware world - has been seen in the wild.… https://www.virusbulletin.com/blog/2007/11/phishing-trojan-targets-mac-osx/

Supermarket sweep

Phishers almost get away with $10m scam.
Phishers almost get away with $10m scam. Court documents have revealed that phishers nearly managed a whopping $10 million supermarket (bank account) sweep earlier this year.… https://www.virusbulletin.com/blog/2007/11/supermarket-sweep/

Bulletproof hosting firm claims legitimacy

Crime-laden Russian service threatens to sue detractors.
Crime-laden Russian service threatens to sue detractors. A notorious Russian firm offering 'bulletproof hosting' - website hosting services with a guarantee that sites will not be… https://www.virusbulletin.com/blog/2007/10/bulletproof-hosting-firm-claims-legitimacy/

Phil makes anti-phishing education child's play

Researchers create game to raise awareness.
Researchers create game to raise awareness. Researchers at Carnegie Mellon University have created an interactive game designed to teach players how to identify phishing URLs and… https://www.virusbulletin.com/blog/2007/10/phil-makes-anti-phishing-education-child-s-play/

« Previous 1234 Next »