VB Blog

Spam is mostly noise and that makes measuring it very difficult

Posted by   Martijn Grooten on   Sep 3, 2018

A brief analysis by Recorded Future suggests that the volume of spam and new domain registrations hasn't increased since the GDPR came into effect.

Read more  

Virus Bulletin announces programme of the first International Threat Intelligence Summit

Posted by   Martijn Grooten on   Aug 29, 2018

VB is thrilled to announce the programme of the first International Threat Intelligence Summit that will form an integral part of the VB2018 conference programme.

Read more  

VB2018 preview: Explain Ethereum smart contract hacking like I am five

Posted by   Martijn Grooten on   Aug 28, 2018

Designing smart contracts is hard: we preview a VB2018 paper on the blockchain-based platform Ethereum, that describes both how the technology works and how a number of security issues inherent to the platform have led to various high-profile and often very costly hacks.

Read more  

VB2017 video: Client Maximus raises the bar

Posted by   Martijn Grooten on   Aug 27, 2018

At VB2017, IBM Trusteer researcher Omer Agmon, presented a 'last-minute' paper in which he analysed the Client Maximum trojan, which targets Brazilian users of online banking. Today, we release the recording of his presentation.

Read more  

The security industry is genuinely willing to help you do good work

Posted by   Martijn Grooten on   Aug 21, 2018

For those organizations working for the public good, security vendors are often willing to offer their services for free, or for very low cost.

Read more  

VB2018 preview: Unpacking the packed unpacker: reversing an Android anti-analysis library

Posted by   Martijn Grooten on   Aug 17, 2018

At VB2018, Google researcher Maddie Stone will present an analysis of the multi-layered 'WeddingCake' anti-analysis library used by many Android malware families.

Read more  

VB2018 preview: From drive-by download to drive-by mining

Posted by   Martijn Grooten on   Aug 15, 2018

At VB2018, Malwarebytes researcher Jérôme Segura will discuss the rise of drive-by cryptocurrency mining, explaining how it works and putting it in the broader context of changes in the cybercrime landscape.

Read more  

Red Eyes threat group targets North Korean defectors

Posted by   Martijn Grooten on   Aug 14, 2018

A research paper by AhnLab researcher Minseok Cha looks at the activities of the Red Eyes threat group (also known as Group 123 and APT 37), whose targets include North Korean defectors, as well as journalists and human rights defenders focused on North Korea.

Read more  

VB announces Threat Intelligence Summit to take place during VB2018

Posted by   Martijn Grooten on   Aug 9, 2018

We are very excited to announce a special summit, as part of VB2018, that will be dedicated to all aspects of threat intelligence.

Read more  

VB2018 Small Talk: An industry approach for unwanted software criteria and clean requirements

Posted by   Martijn Grooten on   Aug 7, 2018

An industry approach for defining and detecting unwanted software to be presented and discussed at the Virus Bulletin conference.

Read more  
Previous1...1819202122...215Next

Search blog

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other …
Few readers of this blog will believe that there aren't any security issues with Apple's macOS operating system, a point made rather unsubtly by yesterday's discovery of a flaw… https://www.virusbulletin.com/blog/2017/11/vb2017-paper-offensive-malware-analysis-dissecting-osxfruitflyb-custom-cc-server/

By removing VPNs from its Chinese App Store, Apple turns its biggest security asset against its users

To comply with Chinese laws, Apple has removed all iOS VPN apps from its Chinese app store. This means that the company uses iOS's strongest security asset, its tightly controlled App Store, against its own users.
A little over a month ago, Apple's iPhone celebrated its tenth birthday. The iPhone has been one of the biggest commercial success stories ever, but it has also been a great… https://www.virusbulletin.com/blog/2017/08/removing-vpns-its-chinese-app-store-apple-turns-its-biggest-security-asset-aggasnt-its-users/

Paper: Dylib hijacking on OS X

Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks.
Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks. A few years ago, DLL hijacking on Windows was really hot, despite the fact that the concept had… https://www.virusbulletin.com/blog/2015/03/paper-dylib-hijacking-os-x/

VB2014 paper: Apple without a shell - iOS under targeted attack

Developer Enterprise Program recently found to be used by WireLurker.
Developer Enterprise Program recently found to be used by WireLurker.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the… https://www.virusbulletin.com/blog/2014/11/paper-apple-without-shell-ios-under-targeted-attack/

WireLurker malware infects iOS devices through OS X

Non-jailbroken devices infected via enterprise provisioning program.
Non-jailbroken devices infected via enterprise provisioning program. Researchers at Palo Alto Networks have published a research paper (PDF) analysing the 'WireLurker' malware that… https://www.virusbulletin.com/blog/2014/11/wirelurker-malware-infects-ios-devices-through-os-x/

VB2014 preview: Apple without a shell - iOS under targeted attack

FireEye researchers show a large attack vector for Apple's mobile operating system.
FireEye researchers show a large attack vector for Apple's mobile operating system.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are… https://www.virusbulletin.com/blog/2014/09/preview-apple-without-shell-ios-under-targeted-attack/

VB2013 speaker spotlight

We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference.
We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference. The VB2013 conference takes place this autumn… https://www.virusbulletin.com/blog/2013/06/speaker-spotlight-harley-myers/

Security fixes from Apple and Microsoft

100 security fixes in latest OS X update; three MS security updates in this month's patch release.
100 security fixes in latest OS X update; three MS security updates in this month's patch release. The latest release of Mac operating system OS X (Mac OS X v10.6.5) contains over… https://www.virusbulletin.com/blog/2010/11/security-fixes-apple-and-microsoft/

Android SMS trojan goes wild

Premium-rate text scam shows growing cracks in smart phone security.
Premium-rate text scam shows growing cracks in smart phone security. The first known SMS trojan affecting smart phones running Google's Android operating system has been observed… https://www.virusbulletin.com/blog/2010/08/android-sms-trojan-goes-wild/

Patches come thick and fast in major update spree

Monthly and out-of-band issues flood admins' to-do lists.
Monthly and out-of-band issues flood admins' to-do lists. The release of this month's Patch Tuesday security bulletins from Microsoft, with a fairly average 10 alerts covering 34… https://www.virusbulletin.com/blog/2010/06/patches-come-thick-and-fast-major-update-spree/

Macs under attack from trojan double whammy

Two new threats in a week spark worries of approaching Mac malware era.
Two new threats in a week spark worries of approaching Mac malware era. Users of Apple Mac systems, who have so far only suffered from minimal attention from malware creators, may… https://www.virusbulletin.com/blog/2008/06/macs-under-attack-trojan-double-whammy/

Microsoft increases pressure on Apple to fix Safari blended threat

'Carpet bombing' vulnerability more serious than Apple claims, MS warns.
'Carpet bombing' vulnerability more serious than Apple claims, MS warns.Microsoft, whose Internet Explorer has come under frequent criticism for security vulnerabilities, has… https://www.virusbulletin.com/blog/2008/06/microsoft-increases-pressure-apple-fix-safari-blended-threat/

Bugs found in Apple's new Windows browser within hours of release

Safari not so good-y.
Safari not so good-y. A number of security researchers say they found bugs in Apple's brand new web browser Safari for Windows just hours after its public beta release on 11 June.… https://www.virusbulletin.com/blog/2007/06/bugs-found-apple-s-new-windows-browser-within-hours-release/

Vulnerabilities strike more AV firms, and Mac too

F-Secure and Authentium patch holes, while Samba flaws worry Apple users.
F-Secure and Authentium patch holes, while Samba flaws worry Apple users. Users of Mac OS X, used to a cosy sense of security, have been warned of possible penetration vectors… https://www.virusbulletin.com/blog/2007/06/vulnerabilities-strike-more-av-firms-and-mac-too/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.