VB Blog

Tizi Android malware highlights the importance of security patches for high-risk users

Posted by Martijn Grooten on Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Posted by Martijn Grooten on Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Posted by Martijn Grooten on Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Posted by Martijn Grooten on Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Posted by Martijn Grooten on Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Posted by Martijn Grooten on Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Posted by Martijn Grooten on Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Posted by Martijn Grooten on Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Posted by Martijn Grooten on Nov 8, 2017

At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.

Previous1...2728293031...215Next

Search blog

APWG and FTC combine to fight ID fraud

Agencies join forces to release safety guidance documents.
Agencies join forces to release safety guidance documents. The Anti-Phishing Working Group (APWG) and the US Federal Trade Commission (FTC) have pooled their resources and… https://www.virusbulletin.com/blog/2007/09/apwg-and-ftc-combine-fight-id-fraud/

Monster haul of data reaped from job site

Trojan gathers 1.6 million sets of jobseeker records.
Trojan gathers 1.6 million sets of jobseeker records. Researchers at Symantec have reported discovering a server carrying 1.6 million entries from the popular jobseeking website… https://www.virusbulletin.com/blog/2007/08/monster-haul-data-reaped-job-site/

Phish poses as Sophos malware alert

Fake security alarm lures users to spoofed site.
Fake security alarm lures users to spoofed site. A phishing email recently spammed out uses the name of security firm Sophos to lend credence to a fake malware alert, designed to… https://www.virusbulletin.com/blog/2007/08/phish-poses-sophos-malware-alert/

Facebook users warned of phishing dangers

41% happy to hand out personal data to strangers.
41% happy to hand out personal data to strangers. Research carried out by Sophos has found that 41% of users of hugely popular social networking site Facebook risk revealing… https://www.virusbulletin.com/blog/2007/08/facebook-users-warned-phishing-dangers/

House of Lords warns of e-crime fears

Report recommends harder, smarter fight against online dangers.
Report recommends harder, smarter fight against online dangers. A major report by the Science and Technology Committee of the UK's House of Lords has found the internet to be rife… https://www.virusbulletin.com/blog/2007/08/house-lords-warns-e-crime-fears/

57% of spam scam sites hosted in US

Study investigates sites and servers linked to from spam.
Study investigates sites and servers linked to from spam. A detailed investigation into the distribution and usage of webservers to host the various 'scams' pushed by spam… https://www.virusbulletin.com/blog/2007/08/57-spam-scam-sites-hosted-us/

Malware and phishing cost US users $7 billion in two years

Survey finds 1 in 4 risk of being hit by viruses, spyware and scams.
Survey finds 1 in 4 risk of being hit by viruses, spyware and scams. US consumer watchdog Consumer Reports has unveiled its annual 'State of the Net' study, showing serious numbers… https://www.virusbulletin.com/blog/2007/08/malware-and-phishing-cost-us-users-7-billion-two-years/

26 phishing arrests in Italy

Police swoop on Poste Italiane spam scam gangs.
Police swoop on Poste Italiane spam scam gangs. In a first for Italy, the Guardia Di Finanza has made 26 arrests from two separate groups of phishing fraudsters, in the culmination… https://www.virusbulletin.com/blog/2007/07/26-phishing-arrests-italy/

UK users ignoring security issues

Surveys find public in the dark and careless about sensitive data.
Surveys find public in the dark and careless about sensitive data. Several surveys out this week have shown the UK public is failing to take basic security precautions to protect… https://www.virusbulletin.com/blog/2007/06/uk-users-ignoring-security-issues/

100,000 new phishing sites set up in 7 days

IBM sees huge rise in kit-build scam sites.
IBM sees huge rise in kit-build scam sites. Phishing watchers at IBM's X-Force research team have recorded an enormous burst of phishing activity in the last seven days, with over… https://www.virusbulletin.com/blog/2007/06/100-000-new-phishing-sites-set-7-days/

Phisher gets six years

Californian receives 70-month prison sentence, avoids 101 years behind bars.
Californian receives 70-month prison sentence, avoids 101 years behind bars. A Californian man, found guilty in January this year of operating a phishing scheme aimed at scamming… https://www.virusbulletin.com/blog/2007/06/phisher-gets-six-years/

Phishing techniques and technology revealed

Serious software used to analyse phished data, and a phisher talks.
Serious software used to analyse phished data, and a phisher talks. Some insights into the workings of phishing scams were revealed this week, as a sophisticated tool designed to… https://www.virusbulletin.com/blog/2007/05/phishing-techniques-and-technology-revealed/

Phishing moves into more new areas

Surveys, phone lines, USB sticks and call girls the latest tactics for spammers and phishers.
Surveys, phone lines, USB sticks and call girls the latest tactics for spammers and phishers. The latest social-engineering methods being put to use by phishers show no let up in… https://www.virusbulletin.com/blog/2007/05/phishing-moves-more-new-areas/

« Previous 1234 Next »

VB Blog

Tizi Android malware highlights the importance of security patches for high-risk users

Virus Bulletin to attend AMTSO, AVAR and Botconf

VB2017 video: FinFisher: New techniques and infection vectors revealed

Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years

VB2017 paper: Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale

Firefox 59 to make it a lot harder to use data URIs in phishing attacks

Standalone product test: FireEye Endpoint

VB2017 video: Consequences of bad security in health care

Vulnerabilities play only a tiny role in the security risks that come with mobile phones

VB2017 paper: The (testing) world turned upside down