VB Blog

Report: VB100 comparative review on Windows 8.1

Posted by   Virus Bulletin on   Nov 20, 2014

40 out of 48 tested products earn VB100 award.

Read more  

Out-of-band patch released for all Windows versions

Posted by   Virus Bulletin on   Nov 19, 2014

Kerberos bug means one set of credentials suffices to rule them all.

Read more  

VB2014 paper: Optimized mal-ops. Hack the ad network like a boss

Posted by   Virus Bulletin on   Nov 18, 2014

Why buying ad space makes perfect sense for those wanting to spread malware.

Read more  

Book review: Bulletproof SSL and TLS

Posted by   Virus Bulletin on   Nov 17, 2014

Must-read for anyone working with one of the Internet's most important protocols.

Read more  

VB2014 paper: Bootkits: past, present & future

Posted by   Virus Bulletin on   Nov 12, 2014

Despite better defences, the era of bootkits is certainly not behind us.

Read more  

Stuxnet infected Natanz plant via carefully selected targets rather than escape from it

Posted by   Virus Bulletin on   Nov 11, 2014

Five initial victims of infamous worm named.

Read more  

VB2014 paper: Apple without a shell - iOS under targeted attack

Posted by   Virus Bulletin on   Nov 10, 2014

Developer Enterprise Program recently found to be used by WireLurker.

Read more  

Macro malware on the rise again

Posted by   Virus Bulletin on   Nov 7, 2014

Users taught that having to enable enhanced security features is no big deal.

Read more  

VB2014 video: Attack points in health apps & wearable devices - how safe is your quantified self?

Posted by   Virus Bulletin on   Nov 7, 2014

Health apps and wearable devices found to make many basic security mistakes.

Read more  

WireLurker malware infects iOS devices through OS X

Posted by   Virus Bulletin on   Nov 6, 2014

Non-jailbroken devices infected via enterprise provisioning program.

Read more  
Previous1...6263646566...215Next

Search blog

Ebury and Mayhem server malware families still active

Ebury and Mayhem, two families of Linux server malware, about which VB published papers back in 2014, are still active and have received recent updates.
Whether it is to send spam or to redirect web traffic to malicious payloads, compromised (Linux) web servers are the glue in many a malware campaign. Two such networks of… https://www.virusbulletin.com/blog/2017/10/ebury-and-mayhem-server-malware-families-still-active/

Malicious CCleaner update points to a major weakness in our infrastructure

Researchers from Cisco Talos have found that a recent version of the widely used CCleaner tool installed malware on the machine.
For the security community, 2017 might well be called the year of the update: two of the biggest security stories – the WannaCry outbreak and the Equifax breach – involved… https://www.virusbulletin.com/blog/2017/09/malicious-ccleaner-update-points-major-weakness-our-infrastructure/

VB2014 preview: two papers on Linux server malware

Researchers from ESET, Yandex and Symantec look at emerging malware trend.
Researchers from ESET, Yandex and Symantec look at emerging malware trend.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at… https://www.virusbulletin.com/blog/2014/09/preview-two-papers-linux-server-malware/

More than two million home routers have 'wide open backdoor'

Default password makes vulnerability easy to exploit.
Default password makes vulnerability easy to exploit. Researchers at Trend Micro have discovered an easy-to-exploit backdoor in routers from Chinese manufacturer Netcore, that… https://www.virusbulletin.com/blog/2014/08/more-two-million-home-routers-have-wide-open-backdoor/

'Son of Stuxnet' trojan found

'Duqu' used in targeted attacks to steal specific information.
'Duqu' used in targeted attacks to steal specific information. Researchers at both Symantec and McAfee have discovered a new Remote Access Trojan (RAT) with strong links to Stuxnet… https://www.virusbulletin.com/blog/2011/10/son-stuxnet-trojan-found/

Fake codec trojan disables anti-virus software

Victim tricked into believing security software still active.
Victim tricked into believing security software still active. A new trojan, discovered by researchers at ESET, spreads itself via fake codecs, then disables running anti-virus… https://www.virusbulletin.com/blog/2011/08/fake-codec-trojan-disables-anti-virus-software/

Hundreds of legitimate websites being hacked into

New mass infection leaves security researchers puzzled.
New mass infection leaves security researchers puzzled. Web security company ScanSafe has reported a new mass infection of websites, which it claims accounts for 15% of the web… https://www.virusbulletin.com/blog/2008/01/hundreds-legitimate-websites-being-hacked/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.