VB Blog

From Amazon to Emotet: a look at those phishing and malware emails that bypassed email security products

Posted by   Martijn Grooten on   Feb 3, 2019

We see a lot of spam in the VBSpam test lab, and we also see how well such emails are being blocked by email security products. Recently some of the emails that bypassed security products included a broken Amazon phishing campaign, a large fake UPS campaign and malicious emails carrying Emotet and Lokibot.

Read more  

VB2018 paper: Little Brother is watching – we know all your secrets!

Posted by   Martijn Grooten on   Feb 1, 2019

At VB2018 in Montreal, researchers from Fraunhofer SIT looked at privacy vulnerabilities in legitimate Android family-tracking apps that leaked location data. Today, we publish both their paper and the video of their presentation.

Read more  

Threat intelligence teams should consider recruiting journalists

Posted by   Martijn Grooten on   Jan 29, 2019

Threat intelligence teams would do well to recruit journalists, whose experience is crucial in today's threat landscape.

Read more  

From HSBC to product descriptions: the malicious emails bypassing your filters

Posted by   Martijn Grooten on   Jan 28, 2019

Using data from our VBSpam lab, we looked at the malicious emails that have been missed recently by a large number of email security products.

Read more  

VB2018 paper: Inside Formbook infostealer

Posted by   Martijn Grooten on   Jan 25, 2019

The Formbook information-stealing trojan may not be APT-grade malware, but its continuing spread means it can still be effective. At VB2018 in Montreal, Gabriela Nicolao, a researcher from Deloitte in Argentina, presented a short paper in which she looked at Formbook's background and history and analysed a sample of the malware. Today, we publish Gabriela's paper.

Read more  

The VB2019 CFP - how the selection procedure works

Posted by   Martijn Grooten on   Jan 24, 2019

With the VB2019 Call for Papers having opened last week, we explain how the selection procedure works, which may help you during your abstract submission.

Read more  

VB2018 paper: From Hacking Team to hacked team to…?

Posted by   Martijn Grooten on   Jan 18, 2019

Today we publish the VB2018 paper and video by ESET researcher Filip Kafka, who looked at the new malware by Hacking Team, after the company had recovered from the 2015 breach.

Read more  

The spam that is hardest to block is often the most damaging

Posted by   Martijn Grooten on   Jan 17, 2019

We see a lot of spam in the VBSpam test lab, and we also see how well such emails are being blocked by email security products. Worryingly, it is often the emails with a malicious attachment or a phishing link that are most likely to be missed.

Read more  

Throwback Thursday: We're all doomed

Posted by   Helen Martin on   Jan 17, 2019

Mydoom turns 15 this month, and is still being seen in email attachments. This Throwback Thursday we look back to March 2004, when Gabor Szappanos tracked the rise of W32/Mydoom.

Read more  

VB2019 call for papers - now open!

Posted by   Martijn Grooten on   Jan 15, 2019

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2019 is now open and we want to hear from you!

Read more  
Previous1...1314151617...215Next

Search blog

Small Talks return to the Virus Bulletin Conference

Following their success last year, this year a series of "Small Talks" return to the VB2016 conference programme. We are pleased to announce the details of six of these talks, covering subjects that range from the Chinese cybercriminal underground to Andr…
VB2015 was the 25th Virus Bulletin conference and, to celebrate the occasion, we added a third stream to the programme. Dubbed "Small Talks", these talks were longer than those on… https://www.virusbulletin.com/blog/2016/08/small-talks-return-virus-bulletin-conference/

VB2015 paper: Will Android Trojans, Worms or Rootkits Survive in SEAndroid and Containerization?

Sophos researchers Rowland Yu and William Lee look at whether recent security enhancements to Android, such as SEAndroid and containerization, will be enough to defeat future malware threats.
Google's Android operating system may have a bit of a bad reputation when it comes to security, but it's worth noting that recent versions of the operating system have been… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-will-android-trojans-worms-or-rootkits-survive-seandroid-and-containerization/

VB2015 video: Making a dent in Russian mobile banking phishing

Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks.
Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks. In the last few years, mobile malware has evolved from a mostly… https://www.virusbulletin.com/blog/2015/12/video-making-dent-russian-mobile-banking-phishing/

Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution

The operating system has been patched, but it is unclear whether users will receive those patches.
The operating system has been patched, but it is unclear whether users will receive those patches. Researchers at mobile security firm Zimperium have discovered a remote code… https://www.virusbulletin.com/blog/2015/07/stagefright-vulnerability-leaves-950-million-android-devices-vulnerable-remote-code-execution/

VB2014 paper: Leaving our ZIP undone: how to abuse ZIP to deliver malware apps

Gregory Panakkal explains that there are different ways of looking at APK files - and that sometimes that can have unintended consequences.
Gregory Panakkal explains that there are different ways of looking at APK files - and that sometimes that can have unintended consequences.Since the close of the VB2014 conference… https://www.virusbulletin.com/blog/2015/03/paper-leaving-our-zip-undone-how-abuse-zip-deliver-malware-apps/

The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned

Malicious apps may have more privileges than security software.
Malicious apps may have more privileges than security software. There are many people without whom a Virus Bulletin conference wouldn't be possible: the VB team, the crew from Cue… https://www.virusbulletin.com/blog/2014/10/presentation-you-never-saw-early-launch-android-malware-your-phone-0wned/

VB2014 paper: Exposing Android white collar criminals

Luis Corrons dives into the world of shady Android apps.
Luis Corrons dives into the world of shady Android apps.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations.… https://www.virusbulletin.com/blog/2014/10/paper-exposing-android-white-collar-criminals/

Black Hat Europe - day 1

Programme packed with interesting talks.
Programme packed with interesting talks. Though the prestige of Black Hat Europe doesn't compare to that of its American parent conference, and the event certainly doesn't dominate… https://www.virusbulletin.com/blog/2014/10/black-hat-europe-day-1/

Paper: Obfuscation in Android malware, and how to fight back

Axelle Apvrille and Ruchna Nigam look at both off-the-shelf products and custom obfuscation techniques.
Axelle Apvrille and Ruchna Nigam look at both off-the-shelf products and custom obfuscation techniques. After a relatively slow start, in recent years mobile malware has really… https://www.virusbulletin.com/blog/2014/07/paper-obfuscation-android-malware-and-how-fight-back/

Cheap Android phone comes shipped with spyware

Trojan masquerades as Google Play app; cannot be removed.
Trojan masquerades as Google Play app; cannot be removed. Researchers at German security firm G Data have discovered Android smartphones that come shipped with spyware. The phone… https://www.virusbulletin.com/blog/2014/06/cheap-android-phone-comes-shipped-spyware/

VB2013 speaker spotlight

We speak to VB2013 presenter Rowland Yu about Android malware, his research interests, and what he aims to bring to VB2013.
We speak to VB2013 presenter Rowland Yu about Android malware, his research interests, and what he aims to bring to VB2013. The VB2013 conference takes place next month (2-4… https://www.virusbulletin.com/blog/2013/09/speaker-spotlight-yu/

'Mobile Thursday' at the VB conference

Record number of presentations dedicated to threats affecting smartphones.
Record number of presentations dedicated to threats affecting smartphones. The significant increase in mobile threats is reflected in the VB2013 programme, which includes seven… https://www.virusbulletin.com/blog/2013/09/mobile-thursday-vb-conference/

VB2013 speaker spotlight

We speak to VB2013 presenters Axelle Apvrille and Karine de Pontevès about their research interests and what they aim to bring to VB2013.
We speak to VB2013 presenters Axelle Apvrille and Karine de Pontevès about their research interests and what they aim to bring to VB2013. The VB2013 conference takes place this… https://www.virusbulletin.com/blog/2013/07/speaker-spotlight-apvrille-de-ponteves/

VB2013 speaker spotlight

We speak to VB2013 presenter Samir Mody about his research interests and what he aims to bring to VB2013.
We speak to VB2013 presenter Samir Mody about his research interests and what he aims to bring to VB2013. The VB2013 conference takes place this autumn (2-4 October) in Berlin,… https://www.virusbulletin.com/blog/2013/07/speaker-spotlight-mody/

Compromised Yahoo! accounts continue to spread Android malware

Problem likely to be on Yahoo!'s side.
Problem likely to be on Yahoo!'s side. In recent weeks, we have noticed an uptick in the amount of spam sent from compromised Yahoo! accounts; we have reasons to believe the… https://www.virusbulletin.com/blog/2013/06/compromised-yahoo-accounts-continue-spread-android-malware/

AV Test releases Android test data

30 mobile solutions tested for malware protection and speed hit.
30 mobile solutions tested for malware protection and speed hit. Independent test organization AV-Test has released its latest report, covering the Andriod platform. This major… https://www.virusbulletin.com/blog/2013/06/av-test-releases-android-test-data/

Commoditization increasingly seen in mobile malware

Number of malicious samples and families increase, as Android remains most popular mobile platform.
Number of malicious samples and families increase, as Android remains most popular mobile platform. As the number of mobile malware samples in existence continues to grow faster… https://www.virusbulletin.com/blog/2013/05/commoditization-increasingly-seen-mobile-malware/

Spam link sends Android users to trojan proxy

Meanwhile, desktop users sent to (relatively harmless) weight-loss site.
Meanwhile, desktop users sent to (relatively harmless) weight-loss site. Links found in certain spam emails which redirect desktop users to a phony weight-loss website, have been… https://www.virusbulletin.com/blog/2013/03/spam-link-sends-android-users-trojan-proxy/

Android malware served via compromised websites

Malware downloaded automatically, but requires user permission to be installed.
Malware downloaded automatically, but requires user permission to be installed. Researchers at mobile security company Lookout have discovered a number of compromised websites that… https://www.virusbulletin.com/blog/2012/05/android-malware-served-compromised-websites/

Android malware hides inside JPG image

New LeNa variant no longer depends on rooted devices.
New LeNa variant no longer depends on rooted devices. Researchers at Lookout have discovered a new version of the 'LeNa' trojan for Android that does not require user interaction… https://www.virusbulletin.com/blog/2012/04/android-malware-hides-inside-jpg-image/

« Previous 123 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.