VB Blog

Five reasons to come to VB2017 in Madrid

Posted by Martijn Grooten on Jul 25, 2017

We're not ones to make bold claims about our conference, and we suggest you ask past attendees for their opinion, but here are five reasons why we think you should come to VB2017 in Madrid.

Posted by Martijn Grooten on Jul 24, 2017

US Senator Ron Wyden has asked the Department of Homeland Security to implement DMARC. Martijn Grooten looks at what difference this could make for phishing attacks impersonating the US federal governent.

Posted by Martijn Grooten on Jul 20, 2017

Unsurprisingly given today's threat landscape, the VB2017 programme contains several talks on various advanced persistent threats - but also a talk on what may be the polar opposite of such threats: an inept persistent threat.

Posted by Martijn Grooten on Jul 18, 2017

Password security advice focuses too much on password strength and too little on avoiding password reuse, Martijn Grooten argues.

Posted by Martijn Grooten on Jul 17, 2017

Though the location will remain a secret for a few more months, we are pleased to announce the dates for VB2018, the 28th Virus Bulletin International Conference.

Posted by Martijn Grooten on Jul 10, 2017

The second edition of BSides Athens saw a great and varied programme presented in the Greek capital. VB's Martijn Grooten was pleased to attend.

Posted by Martijn Grooten on Jul 7, 2017

Spreading 'FUD' in the wake of cyber-attacks is never a good idea. But it's even worse when this might be one of the attackers' implicit goals.

Posted by Martijn Grooten on Jul 7, 2017

For the third year in a row, we have set aside a limited number of student tickets for the Virus Bulletin conference, to allow 'next-generation' security researchers to experience one of the most important gatherings of security researchers around the world.

Posted by Martijn Grooten on Jul 4, 2017

Virus Bulletin has opened nominations for the fourth annual Péter Szőr Award, for the best piece of technical security research published between 1 July 2016 and 30 June 2017.

Posted by Martijn Grooten on Jul 3, 2017

According to some researchers, there is some evidence linking the recent (Not)Petya attacks with the BlackEnergy group - which became infamous for its targeted attacks against the Ukraine. At VB2016, ESET researchers Anton Cherepanov and Robert Lipovsky spoke about BlackEnergy, providing an overview of the group's attacks. Today, we publish their paper.

Previous1...3334353637...215Next

Search blog

Ebury and Mayhem server malware families still active

Ebury and Mayhem, two families of Linux server malware, about which VB published papers back in 2014, are still active and have received recent updates.
Whether it is to send spam or to redirect web traffic to malicious payloads, compromised (Linux) web servers are the glue in many a malware campaign. Two such networks of… https://www.virusbulletin.com/blog/2017/10/ebury-and-mayhem-server-malware-families-still-active/

Malicious CCleaner update points to a major weakness in our infrastructure

Researchers from Cisco Talos have found that a recent version of the widely used CCleaner tool installed malware on the machine.
For the security community, 2017 might well be called the year of the update: two of the biggest security stories – the WannaCry outbreak and the Equifax breach – involved… https://www.virusbulletin.com/blog/2017/09/malicious-ccleaner-update-points-major-weakness-our-infrastructure/

VB2014 preview: two papers on Linux server malware

Researchers from ESET, Yandex and Symantec look at emerging malware trend.
Researchers from ESET, Yandex and Symantec look at emerging malware trend.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at… https://www.virusbulletin.com/blog/2014/09/preview-two-papers-linux-server-malware/

More than two million home routers have 'wide open backdoor'

Default password makes vulnerability easy to exploit.
Default password makes vulnerability easy to exploit. Researchers at Trend Micro have discovered an easy-to-exploit backdoor in routers from Chinese manufacturer Netcore, that… https://www.virusbulletin.com/blog/2014/08/more-two-million-home-routers-have-wide-open-backdoor/

'Son of Stuxnet' trojan found

'Duqu' used in targeted attacks to steal specific information.
'Duqu' used in targeted attacks to steal specific information. Researchers at both Symantec and McAfee have discovered a new Remote Access Trojan (RAT) with strong links to Stuxnet… https://www.virusbulletin.com/blog/2011/10/son-stuxnet-trojan-found/

Fake codec trojan disables anti-virus software

Victim tricked into believing security software still active.
Victim tricked into believing security software still active. A new trojan, discovered by researchers at ESET, spreads itself via fake codecs, then disables running anti-virus… https://www.virusbulletin.com/blog/2011/08/fake-codec-trojan-disables-anti-virus-software/

Hundreds of legitimate websites being hacked into

New mass infection leaves security researchers puzzled.
New mass infection leaves security researchers puzzled. Web security company ScanSafe has reported a new mass infection of websites, which it claims accounts for 15% of the web… https://www.virusbulletin.com/blog/2008/01/hundreds-legitimate-websites-being-hacked/

VB Blog

Five reasons to come to VB2017 in Madrid

DMARC: an imperfect solution that can make a big difference

Advanced and inept persistent threats to be discussed at VB2017

Password security is 1% choosing a half-decent password, 99% not using it anywhere else

Save the dates: VB2018 to take place 3-5 October 2018

Review: BSides Athens 2017

Let's not help attackers by spreading fear, uncertainty and doubt

Calling next-gen security researchers: student discount for VB2017 announced

Nominations opened for fourth Péter Szőr Award

VB2016 paper: BlackEnergy – what we really know about the notorious cyber attacks