VB Blog

VB2019 presentation: Targeted attacks through ISPs

Posted by   Virus Bulletin on   Jan 13, 2020

In 2019 we saw a rise in the number of targeted malware infections spread via ISPs and service providers. In a last-minute paper presented at VB2019 in London, Kaspersky researcher Denis Legezo discussed the details of a number of such cases. Today we release the recording of Denis' presentation.

Read more  

VB2019 presentation: A deep dive into iPhone exploit chains

Posted by   Virus Bulletin on   Jan 10, 2020

In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details of campaigns that used advanced iOS and Android exploit chains against China’s Uighur minority. Today we release the recording of John's presentation.

Read more  

Latest VBWeb report describes current state of the web-based threat landscape

Posted by   Helen Martin on   Jan 8, 2020

Today we released the Winter 2020 VBWeb report, detailing the performance of web security products against live web threats and looking at the current state of the web-based threat landscape.

Read more  

VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity

Posted by   Virus Bulletin on   Jan 6, 2020

In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani discussed code injection vulnerabilities and presented a tool that could detect this vulnerability class. Today we publish their paper and the recording of their presentation.

Read more  

Virus Bulletin says a fond farewell and thank you to Martijn Grooten

Posted by   Helen Martin on   Dec 31, 2019

As VB Editor Martijn Grooten steps down from his role to move on to new challenges, the team wish him a fond farewell and the very best of luck in his future endeavours.

Read more  

VB2019 paper: Never before had Stierlitz been so close to failure (or: what is a Soviet super-spy doing in a popular bundleware for Mac?)

Posted by   Martijn Grooten on   Dec 27, 2019

Today, we publish the VB2019 paper and video by Sophos researcher Sergei Shevchenko in which he analyses a popular yet unnamed piece of macOS ‘bundleware’.

Read more  

Parting thoughts 5: bringing the good news

Posted by   Martijn Grooten on   Dec 23, 2019

In the final of a five-part series of blog posts, departing VB Editor Martijn Grooten argues for more emphasis on the good news in security, especially that which is more subtle.

Read more  

Parting thoughts 4: the big picture

Posted by   Virus Bulletin on   Dec 20, 2019

In the fourth of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why security researchers should refer to other people's work.

Read more  

Parting thoughts 3: taking security seriously

Posted by   Martijn Grooten on   Dec 19, 2019

In the third of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes security vendors should take their products' security more seriously.

Read more  

VB2019 paper: Exploring the Chinese DDoS landscape

Posted by   Martijn Grooten on   Dec 19, 2019

China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.

Read more  
Previous1...56789...215Next

Search blog

Small Talks return to the Virus Bulletin Conference

Following their success last year, this year a series of "Small Talks" return to the VB2016 conference programme. We are pleased to announce the details of six of these talks, covering subjects that range from the Chinese cybercriminal underground to Andr…
VB2015 was the 25th Virus Bulletin conference and, to celebrate the occasion, we added a third stream to the programme. Dubbed "Small Talks", these talks were longer than those on… https://www.virusbulletin.com/blog/2016/08/small-talks-return-virus-bulletin-conference/

VB2015 paper: Will Android Trojans, Worms or Rootkits Survive in SEAndroid and Containerization?

Sophos researchers Rowland Yu and William Lee look at whether recent security enhancements to Android, such as SEAndroid and containerization, will be enough to defeat future malware threats.
Google's Android operating system may have a bit of a bad reputation when it comes to security, but it's worth noting that recent versions of the operating system have been… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-will-android-trojans-worms-or-rootkits-survive-seandroid-and-containerization/

VB2015 video: Making a dent in Russian mobile banking phishing

Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks.
Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks. In the last few years, mobile malware has evolved from a mostly… https://www.virusbulletin.com/blog/2015/12/video-making-dent-russian-mobile-banking-phishing/

Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution

The operating system has been patched, but it is unclear whether users will receive those patches.
The operating system has been patched, but it is unclear whether users will receive those patches. Researchers at mobile security firm Zimperium have discovered a remote code… https://www.virusbulletin.com/blog/2015/07/stagefright-vulnerability-leaves-950-million-android-devices-vulnerable-remote-code-execution/

VB2014 paper: Leaving our ZIP undone: how to abuse ZIP to deliver malware apps

Gregory Panakkal explains that there are different ways of looking at APK files - and that sometimes that can have unintended consequences.
Gregory Panakkal explains that there are different ways of looking at APK files - and that sometimes that can have unintended consequences.Since the close of the VB2014 conference… https://www.virusbulletin.com/blog/2015/03/paper-leaving-our-zip-undone-how-abuse-zip-deliver-malware-apps/

The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned

Malicious apps may have more privileges than security software.
Malicious apps may have more privileges than security software. There are many people without whom a Virus Bulletin conference wouldn't be possible: the VB team, the crew from Cue… https://www.virusbulletin.com/blog/2014/10/presentation-you-never-saw-early-launch-android-malware-your-phone-0wned/

VB2014 paper: Exposing Android white collar criminals

Luis Corrons dives into the world of shady Android apps.
Luis Corrons dives into the world of shady Android apps.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations.… https://www.virusbulletin.com/blog/2014/10/paper-exposing-android-white-collar-criminals/

Black Hat Europe - day 1

Programme packed with interesting talks.
Programme packed with interesting talks. Though the prestige of Black Hat Europe doesn't compare to that of its American parent conference, and the event certainly doesn't dominate… https://www.virusbulletin.com/blog/2014/10/black-hat-europe-day-1/

Paper: Obfuscation in Android malware, and how to fight back

Axelle Apvrille and Ruchna Nigam look at both off-the-shelf products and custom obfuscation techniques.
Axelle Apvrille and Ruchna Nigam look at both off-the-shelf products and custom obfuscation techniques. After a relatively slow start, in recent years mobile malware has really… https://www.virusbulletin.com/blog/2014/07/paper-obfuscation-android-malware-and-how-fight-back/

Cheap Android phone comes shipped with spyware

Trojan masquerades as Google Play app; cannot be removed.
Trojan masquerades as Google Play app; cannot be removed. Researchers at German security firm G Data have discovered Android smartphones that come shipped with spyware. The phone… https://www.virusbulletin.com/blog/2014/06/cheap-android-phone-comes-shipped-spyware/

VB2013 speaker spotlight

We speak to VB2013 presenter Rowland Yu about Android malware, his research interests, and what he aims to bring to VB2013.
We speak to VB2013 presenter Rowland Yu about Android malware, his research interests, and what he aims to bring to VB2013. The VB2013 conference takes place next month (2-4… https://www.virusbulletin.com/blog/2013/09/speaker-spotlight-yu/

'Mobile Thursday' at the VB conference

Record number of presentations dedicated to threats affecting smartphones.
Record number of presentations dedicated to threats affecting smartphones. The significant increase in mobile threats is reflected in the VB2013 programme, which includes seven… https://www.virusbulletin.com/blog/2013/09/mobile-thursday-vb-conference/

VB2013 speaker spotlight

We speak to VB2013 presenters Axelle Apvrille and Karine de Pontevès about their research interests and what they aim to bring to VB2013.
We speak to VB2013 presenters Axelle Apvrille and Karine de Pontevès about their research interests and what they aim to bring to VB2013. The VB2013 conference takes place this… https://www.virusbulletin.com/blog/2013/07/speaker-spotlight-apvrille-de-ponteves/

VB2013 speaker spotlight

We speak to VB2013 presenter Samir Mody about his research interests and what he aims to bring to VB2013.
We speak to VB2013 presenter Samir Mody about his research interests and what he aims to bring to VB2013. The VB2013 conference takes place this autumn (2-4 October) in Berlin,… https://www.virusbulletin.com/blog/2013/07/speaker-spotlight-mody/

Compromised Yahoo! accounts continue to spread Android malware

Problem likely to be on Yahoo!'s side.
Problem likely to be on Yahoo!'s side. In recent weeks, we have noticed an uptick in the amount of spam sent from compromised Yahoo! accounts; we have reasons to believe the… https://www.virusbulletin.com/blog/2013/06/compromised-yahoo-accounts-continue-spread-android-malware/

AV Test releases Android test data

30 mobile solutions tested for malware protection and speed hit.
30 mobile solutions tested for malware protection and speed hit. Independent test organization AV-Test has released its latest report, covering the Andriod platform. This major… https://www.virusbulletin.com/blog/2013/06/av-test-releases-android-test-data/

Commoditization increasingly seen in mobile malware

Number of malicious samples and families increase, as Android remains most popular mobile platform.
Number of malicious samples and families increase, as Android remains most popular mobile platform. As the number of mobile malware samples in existence continues to grow faster… https://www.virusbulletin.com/blog/2013/05/commoditization-increasingly-seen-mobile-malware/

Spam link sends Android users to trojan proxy

Meanwhile, desktop users sent to (relatively harmless) weight-loss site.
Meanwhile, desktop users sent to (relatively harmless) weight-loss site. Links found in certain spam emails which redirect desktop users to a phony weight-loss website, have been… https://www.virusbulletin.com/blog/2013/03/spam-link-sends-android-users-trojan-proxy/

Android malware served via compromised websites

Malware downloaded automatically, but requires user permission to be installed.
Malware downloaded automatically, but requires user permission to be installed. Researchers at mobile security company Lookout have discovered a number of compromised websites that… https://www.virusbulletin.com/blog/2012/05/android-malware-served-compromised-websites/

Android malware hides inside JPG image

New LeNa variant no longer depends on rooted devices.
New LeNa variant no longer depends on rooted devices. Researchers at Lookout have discovered a new version of the 'LeNa' trojan for Android that does not require user interaction… https://www.virusbulletin.com/blog/2012/04/android-malware-hides-inside-jpg-image/

« Previous 123 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.