VB Blog

Tizi Android malware highlights the importance of security patches for high-risk users

Posted by   Martijn Grooten on   Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Read more  

Virus Bulletin to attend AMTSO, AVAR and Botconf

Posted by   Martijn Grooten on   Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Read more  

VB2017 video: FinFisher: New techniques and infection vectors revealed

Posted by   Martijn Grooten on   Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Read more  

Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years

Posted by   Martijn Grooten on   Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Read more  

VB2017 paper: Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale

Posted by   Martijn Grooten on   Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Read more  

Firefox 59 to make it a lot harder to use data URIs in phishing attacks

Posted by   Martijn Grooten on   Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Read more  

Standalone product test: FireEye Endpoint

Posted by   Martijn Grooten on   Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Read more  

VB2017 video: Consequences of bad security in health care

Posted by   Martijn Grooten on   Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Read more  

Vulnerabilities play only a tiny role in the security risks that come with mobile phones

Posted by   Martijn Grooten on   Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Read more  

VB2017 paper: The (testing) world turned upside down

Posted by   Martijn Grooten on   Nov 8, 2017

At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.

Read more  
Previous1...2728293031...215Next

Search blog

Botnet rented for online extortion

Man who threatened World Cup bookmakers with DDoS attack convicted.
Man who threatened World Cup bookmakers with DDoS attack convicted. A German man who hired a botnet and used it to threaten bookmakers with DDoS attacks during the 2010 FIFA World… https://www.virusbulletin.com/blog/2011/06/botnet-rented-online-extortion/

Zeus source code leaked

Banking trojan among the most advanced of its kind.
Banking trojan among the most advanced of its kind. Researchers at Danish security firm CSIS have discovered that the full source code of the Zeus crime kit has been leaked to… https://www.virusbulletin.com/blog/2011/05/zeus-source-code-leaked/

Smile, you're on a botnet!

Multi-platform Java botnet allows for remote control of webcam and microphone.
Multi-platform Java botnet allows for remote control of webcam and microphone. Researchers have discovered a multi-platform botnet running on the Java Runtime Environment (JRE)… https://www.virusbulletin.com/blog/2011/05/smile-you-re-botnet/

Department of Justice shuts down Coreflood botnet

'Stop' command sent from replaced command and control servers.
'Stop' command sent from replaced command and control servers. Earlier this week the US Department of Justice (DoJ) obtained an unprecedented temporary restraining order (TRO) that… https://www.virusbulletin.com/blog/2011/04/department-justice-shuts-down-coreflood-botnet/

Cutwail botnet sent 1.7 trillion spam messages

Operators made several million through botnet.
Operators made several million through botnet. Researchers from The Last Line of Defense and universities in Bochum and Santa Barbara have shared some insight into the workings of… https://www.virusbulletin.com/blog/2011/03/cutwail-botnet-sent-1-7-trillion-spam-messages/

Spam levels take a nose dive as Rustock apparently taken down - update

Eerie silence from Rustock botnet. Microsoft reported to have co-ordinated take down.
Eerie silence from Rustock botnet. Microsoft reported to have co-ordinated take down. Spam levels have taken a nose dive over the last 24 hours - apparently as a result of a take… https://www.virusbulletin.com/blog/2011/03/spam-levels-take-nose-dive-rustock-apparently-taken-down-update/

Cybercriminals frustrated with botnet trackers

Drastic measures discussed by users of online forum.
Drastic measures discussed by users of online forum. Russian cybercriminals are willing to go to great lengths to frustrate services that hinder botnets created with the ZeuS and… https://www.virusbulletin.com/blog/2011/03/cybercriminals-frustrated-botnet-trackers/

ENISA calls for revised botnet measurements

EU agency says current measures of botnet threat are misleading.
EU agency says current measures of botnet threat are misleading. European cyber security agency, ENISA (the European Network and Information Security Agency) has called for a… https://www.virusbulletin.com/blog/2011/03/enisa-calls-revised-botnet-measurements/

New peer-to-peer botnet discovered

New botnet shares fast flux DNS and other similarities with Storm and Waledac.
New botnet shares fast flux DNS and other similarities with Storm and Waledac. In the last few days of 2010, security researchers discovered a new botnet that shares many… https://www.virusbulletin.com/blog/2011/01/new-peer-peer-botnet-discovered/

41% of spam sent via Rustock botnet

Botnet spam back after short summer break.
Botnet spam back after short summer break. In its latest intelligence report, security firm MessageLabs reports that 41% of all spam is being sent through the Rustock botnet, an… https://www.virusbulletin.com/blog/2010/08/41-spam-sent-rustock-botnet/

Mariposa bot herders apply for job with security firm

Applicants weren't successful, but may not see prison either.
Applicants weren't successful, but may not see prison either.Panda Labs' Luis Corrons believed he was the victim if a practical joke when two people who had been involved in the… https://www.virusbulletin.com/blog/2010/05/mariposa-bot-herders-apply-job-security-firm/

Botnet taken down as ringleaders are arrested

'Mariposa' included almost 13 million zombies.
'Mariposa' included almost 13 million zombies. Spanish authorities have managed to take down the Mariposa botnet - one of the largest of its kind which is believed to have infected… https://www.virusbulletin.com/blog/2010/03/botnet-taken-down-ringleaders-are-arrested/

Botnets becoming more robust

Zeus botnet used Amazon's in-the-cloud service to control bots.
Zeus botnet used Amazon's in-the-cloud service to control bots. New reports by MessageLabs and McAfee show that botherders have learned a lesson following the take-down of McColo… https://www.virusbulletin.com/blog/2009/12/botnets-becoming-more-robust/

Take-down of rogue ISP sees temporary drop in spam levels

Spam levels back to normal within a few days.
Spam levels back to normal within a few days. The take-down of the rogue ISP Real Host on 1 August saw spam levels temporarily drop by more than a third, Messagelabs claims in its… https://www.virusbulletin.com/blog/2009/08/take-down-rogue-isp-sees-temporary-drop-spam-levels/

Yxe trojan infecting mobile phones

Symbian software-signing slipup certifies SMS spambot.
Symbian software-signing slipup certifies SMS spambot. A new trojan, the first of its kind, is affecting users of the Symbian mobile operating system by spreading itself via text… https://www.virusbulletin.com/blog/2009/07/yxe-trojan-infecting-mobile-phones/

McColo shutdown not felt the same by all recipients

Mailbox-level reduction may depend on spam detection methods.
Mailbox-level reduction may depend on spam detection methods. When the rogue provider McColo was taken offline in November 2008, depriving many botnets of their command and control… https://www.virusbulletin.com/blog/2009/07/mccolo-shutdown-not-felt-same-all-recipients/

Five botnets responsible for 75% of spam sent

Each infected machine sends spam at rate of almost two messages per second.
Each infected machine sends spam at rate of almost two messages per second.Spam levels have increased 60% since the beginning of this year, according to security company Marshal8e6… https://www.virusbulletin.com/blog/2009/07/five-botnets-responsible-75-spam-sent/

Korea DDoS surge mired in hype and confusion

Rows rumble on over sources and targets of botnet attacks.
Rows rumble on over sources and targets of botnet attacks. Last week's gush of denial-of-service attacks has sparked considerable excitement and argument, with rumours of possible… https://www.virusbulletin.com/blog/2009/07/korea-ddos-surge-mired-hype-and-confusion/

BBC botnet hijack proves controversial

Legal issues raised by broadcaster's demo of spamming, DDoS, cleanup attempt.
Legal issues raised by broadcaster's demo of spamming, DDoS, cleanup attempt. A BBC report into the dangers of botnets has got the corporation into hot water, after reporters took… https://www.virusbulletin.com/blog/2009/03/bbc-botnet-hijack-proves-controversial/

MS forms anti-Conficker alliance

Industry group to combine efforts, reward offered.
Industry group to combine efforts, reward offered.Microsoft has announced a collaborative effort to combat the Conficker (aka Downadup) botnet, the widespread infection making… https://www.virusbulletin.com/blog/2009/02/ms-forms-anti-conficker-alliance/

« Previous 12345 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.