VB Blog

NSA, GCHQ found to target anti-virus products

Posted by   Virus Bulletin on   Jun 23, 2015

Agencies looked for vulnerabilities to exploit and for submitted malware samples.

Read more  

Paper: Beta exploit pack: one more piece of crimeware for the infection road!

Posted by   Virus Bulletin on   Jun 19, 2015

Exploit kit currently being tested focuses primarily on Flash Player exploits.

Read more  

Throwback Thursday: Macro Viruses & The Little Virus That Could...

Posted by   Virus Bulletin on   Jun 18, 2015

This Throwback Thursday, we turn the clock back to 1999, when Melissa was causing havoc across the globe and VB presented a series of articles detailing all you ever wanted to know about macro viruses but were afraid to ask.

Read more  

Virus Bulletin announces 'Small Talks' for VB2015

Posted by   Virus Bulletin on   Jun 17, 2015

Smaller, more informal format ideal for discussion and debate.

Read more  

Throwback Thursday: Virus Writers

Posted by   Virus Bulletin on   Jun 11, 2015

This Throwback Thursday, we bring you a series of articles from the archives that looked at virus writers, asking 'who are they?', 'why do they do it?', and other pertinent questions.

Read more  

Vawtrak uses Tor2Web to connect to Tor hidden C&C servers

Posted by   Virus Bulletin on   Jun 11, 2015

Option hides the servers, without having to include a Tor client in the malware.

Read more  

Duqu 2.0 found to target security company

Posted by   Virus Bulletin on   Jun 10, 2015

Advanced malware also targeted venues linked to Iranian nuclear negotiations.

Read more  

London calling!

Posted by   Virus Bulletin on   May 27, 2015

Infosecurity Europe, BSides London and the Security Bloggers Meetup.

Read more  

Paper: On the beat

Posted by   Virus Bulletin on   May 22, 2015

Kevin Williams looks back at UK law enforcement successes at combating cybercrime.

Read more  

Throwback Thursday: Research and Other Hobbies

Posted by   Virus Bulletin on   May 21, 2015

This Throwback Thursday we reflect on the life of one of industry's greats, who sadly passed away this week: Prof. Klaus Brunnstein.

Read more  
Previous1...5354555657...215Next

Search blog

Ebury and Mayhem server malware families still active

Ebury and Mayhem, two families of Linux server malware, about which VB published papers back in 2014, are still active and have received recent updates.
Whether it is to send spam or to redirect web traffic to malicious payloads, compromised (Linux) web servers are the glue in many a malware campaign. Two such networks of… https://www.virusbulletin.com/blog/2017/10/ebury-and-mayhem-server-malware-families-still-active/

Malicious CCleaner update points to a major weakness in our infrastructure

Researchers from Cisco Talos have found that a recent version of the widely used CCleaner tool installed malware on the machine.
For the security community, 2017 might well be called the year of the update: two of the biggest security stories – the WannaCry outbreak and the Equifax breach – involved… https://www.virusbulletin.com/blog/2017/09/malicious-ccleaner-update-points-major-weakness-our-infrastructure/

VB2014 preview: two papers on Linux server malware

Researchers from ESET, Yandex and Symantec look at emerging malware trend.
Researchers from ESET, Yandex and Symantec look at emerging malware trend.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at… https://www.virusbulletin.com/blog/2014/09/preview-two-papers-linux-server-malware/

More than two million home routers have 'wide open backdoor'

Default password makes vulnerability easy to exploit.
Default password makes vulnerability easy to exploit. Researchers at Trend Micro have discovered an easy-to-exploit backdoor in routers from Chinese manufacturer Netcore, that… https://www.virusbulletin.com/blog/2014/08/more-two-million-home-routers-have-wide-open-backdoor/

'Son of Stuxnet' trojan found

'Duqu' used in targeted attacks to steal specific information.
'Duqu' used in targeted attacks to steal specific information. Researchers at both Symantec and McAfee have discovered a new Remote Access Trojan (RAT) with strong links to Stuxnet… https://www.virusbulletin.com/blog/2011/10/son-stuxnet-trojan-found/

Fake codec trojan disables anti-virus software

Victim tricked into believing security software still active.
Victim tricked into believing security software still active. A new trojan, discovered by researchers at ESET, spreads itself via fake codecs, then disables running anti-virus… https://www.virusbulletin.com/blog/2011/08/fake-codec-trojan-disables-anti-virus-software/

Hundreds of legitimate websites being hacked into

New mass infection leaves security researchers puzzled.
New mass infection leaves security researchers puzzled. Web security company ScanSafe has reported a new mass infection of websites, which it claims accounts for 15% of the web… https://www.virusbulletin.com/blog/2008/01/hundreds-legitimate-websites-being-hacked/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.