VB Blog

VB2016 Call for Papers Deadline

Posted by   Martijn Grooten on   Mar 18, 2016

You have until the early hours (GMT) of Monday 21 March to submit an abstract for VB2016! The VB2016 programme will be announced in the first week of April.

Read more  

How broken is SHA-1 really?

Posted by   Martijn Grooten on   Mar 15, 2016

SHA-1 collisions may be found in the next few months, but that doesn't mean that fake SHA-1-based certificates will be created in the near future. Nevertheless, it is time for everyone, and those working in security in particular, to move away from outdated hash functions.

Read more  

VB2016 Call for Papers - Frequently Asked Questions

Posted by   Martijn Grooten on   Mar 11, 2016

Are you interested in submitting an abstract for VB2016? We've answered some frequently asked questions about the Call for Papers, which closes next week.

Read more  

Throwback Thursday: Hash Woes

Posted by   Helen Martin on   Mar 10, 2016

This Throwback Thursday we go back to 2004, when the entire crypto community was abuzz with the news that a group of Chinese researchers had demonstrated flaws in a whole set of hash functions - VB took a closer look to clarify the situation and draw lessons from the incident.

Read more  

VB2015 paper: Mobile Banking Fraud via SMS in North America: Who's Doing it and How

Posted by   Martijn Grooten on   Mar 2, 2016

Though SMS may have been claimed dead many time, it is still very much alive, and quite popular among mobile phishers. At VB2015, Adaptive Mobile researcher Cathal Mc Daid presented a paper various mobile phishing campaigns targeting North American banks.

Read more  

Throwback Thursday: Viruses on the Internet

Posted by   Helen Martin on   Feb 25, 2016

This Throwback Thursday VB heads back to 1996 when - long before the days of driveby downloads and exploit kits - VB published a report on the state of viruses on the Internet.

Read more  

RSA and BSides San Francisco

Posted by   Martijn Grooten on   Feb 24, 2016

Next week, Virus Bulletin Editor Martijn Grooten will attend the RSA conference in San Francisco, where he will give a talk entitled "How Broken Is Our Crypto Really?" He will also speak at BSides San Francisco, where he will give a talk entitled "Elliptic Curve Cryptography for Those Who are Afraid of Mathematics".

Read more  

Virus Bulletin publishes first web filter test report

Posted by   Martijn Grooten on   Feb 19, 2016

After a lot of preparation, Virus Bulletin is proud to have published the first "VBWeb" comparative web filter test report, in which products' ability to block web-based malware and drive-by downloads was tested. Fortinet's FortiGuard appliance was the first product to achieve a VBWeb certification.

Read more  

VB2015 paper: Will Android Trojans, Worms or Rootkits Survive in SEAndroid and Containerization?

Posted by   Martijn Grooten on   Feb 18, 2016

Sophos researchers Rowland Yu and William Lee look at whether recent security enhancements to Android, such as SEAndroid and containerization, will be enough to defeat future malware threats.

Read more  

First six VB2016 sponsors announced

Posted by   Martijn Grooten on   Feb 17, 2016

Virus Bulletin is excited to announce the first six sponsors for VB2016, the 26th international Virus Bulletin conference, which will take place in Denver, Colorado, USA 5-7 October 2016.

Read more  
Previous1...4546474849...215Next

Search blog

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other …
Few readers of this blog will believe that there aren't any security issues with Apple's macOS operating system, a point made rather unsubtly by yesterday's discovery of a flaw… https://www.virusbulletin.com/blog/2017/11/vb2017-paper-offensive-malware-analysis-dissecting-osxfruitflyb-custom-cc-server/

By removing VPNs from its Chinese App Store, Apple turns its biggest security asset against its users

To comply with Chinese laws, Apple has removed all iOS VPN apps from its Chinese app store. This means that the company uses iOS's strongest security asset, its tightly controlled App Store, against its own users.
A little over a month ago, Apple's iPhone celebrated its tenth birthday. The iPhone has been one of the biggest commercial success stories ever, but it has also been a great… https://www.virusbulletin.com/blog/2017/08/removing-vpns-its-chinese-app-store-apple-turns-its-biggest-security-asset-aggasnt-its-users/

Paper: Dylib hijacking on OS X

Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks.
Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks. A few years ago, DLL hijacking on Windows was really hot, despite the fact that the concept had… https://www.virusbulletin.com/blog/2015/03/paper-dylib-hijacking-os-x/

VB2014 paper: Apple without a shell - iOS under targeted attack

Developer Enterprise Program recently found to be used by WireLurker.
Developer Enterprise Program recently found to be used by WireLurker.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the… https://www.virusbulletin.com/blog/2014/11/paper-apple-without-shell-ios-under-targeted-attack/

WireLurker malware infects iOS devices through OS X

Non-jailbroken devices infected via enterprise provisioning program.
Non-jailbroken devices infected via enterprise provisioning program. Researchers at Palo Alto Networks have published a research paper (PDF) analysing the 'WireLurker' malware that… https://www.virusbulletin.com/blog/2014/11/wirelurker-malware-infects-ios-devices-through-os-x/

VB2014 preview: Apple without a shell - iOS under targeted attack

FireEye researchers show a large attack vector for Apple's mobile operating system.
FireEye researchers show a large attack vector for Apple's mobile operating system.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are… https://www.virusbulletin.com/blog/2014/09/preview-apple-without-shell-ios-under-targeted-attack/

VB2013 speaker spotlight

We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference.
We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference. The VB2013 conference takes place this autumn… https://www.virusbulletin.com/blog/2013/06/speaker-spotlight-harley-myers/

Security fixes from Apple and Microsoft

100 security fixes in latest OS X update; three MS security updates in this month's patch release.
100 security fixes in latest OS X update; three MS security updates in this month's patch release. The latest release of Mac operating system OS X (Mac OS X v10.6.5) contains over… https://www.virusbulletin.com/blog/2010/11/security-fixes-apple-and-microsoft/

Android SMS trojan goes wild

Premium-rate text scam shows growing cracks in smart phone security.
Premium-rate text scam shows growing cracks in smart phone security. The first known SMS trojan affecting smart phones running Google's Android operating system has been observed… https://www.virusbulletin.com/blog/2010/08/android-sms-trojan-goes-wild/

Patches come thick and fast in major update spree

Monthly and out-of-band issues flood admins' to-do lists.
Monthly and out-of-band issues flood admins' to-do lists. The release of this month's Patch Tuesday security bulletins from Microsoft, with a fairly average 10 alerts covering 34… https://www.virusbulletin.com/blog/2010/06/patches-come-thick-and-fast-major-update-spree/

Macs under attack from trojan double whammy

Two new threats in a week spark worries of approaching Mac malware era.
Two new threats in a week spark worries of approaching Mac malware era. Users of Apple Mac systems, who have so far only suffered from minimal attention from malware creators, may… https://www.virusbulletin.com/blog/2008/06/macs-under-attack-trojan-double-whammy/

Microsoft increases pressure on Apple to fix Safari blended threat

'Carpet bombing' vulnerability more serious than Apple claims, MS warns.
'Carpet bombing' vulnerability more serious than Apple claims, MS warns.Microsoft, whose Internet Explorer has come under frequent criticism for security vulnerabilities, has… https://www.virusbulletin.com/blog/2008/06/microsoft-increases-pressure-apple-fix-safari-blended-threat/

Bugs found in Apple's new Windows browser within hours of release

Safari not so good-y.
Safari not so good-y. A number of security researchers say they found bugs in Apple's brand new web browser Safari for Windows just hours after its public beta release on 11 June.… https://www.virusbulletin.com/blog/2007/06/bugs-found-apple-s-new-windows-browser-within-hours-release/

Vulnerabilities strike more AV firms, and Mac too

F-Secure and Authentium patch holes, while Samba flaws worry Apple users.
F-Secure and Authentium patch holes, while Samba flaws worry Apple users. Users of Mac OS X, used to a cosy sense of security, have been warned of possible penetration vectors… https://www.virusbulletin.com/blog/2007/06/vulnerabilities-strike-more-av-firms-and-mac-too/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.