VB Blog

VB2015 paper: Sizing cybercrime: incidents and accidents, hints and allegations

Posted by   Martijn Grooten on   Feb 11, 2016

Cybercrime is big. But how big is it really? In a paper presented at VB2015 and together with the presentation video published on our website today, ESET researcher Stephen Cobb looks at previous studies that attempt the size of cybercrime and asks why we need such data and what can be done better.

Read more  

Throwback Thursday: The Thin Blue Line

Posted by   Helen Martin on   Feb 11, 2016

This Throwback Thursday, VB heads back to 1994 when UK Fraud Squad detectives started making inroads into the most puzzling 'Whodunnit' since the Great Train Robbery. Had an outbreak of computer crime swept Britain? No, it was all part of a police training program.

Read more  

Welcome to virusbulletin.com

Posted by   Martijn Grooten on   Feb 10, 2016

Almost 20 years after Virus Bulletin revealed its first site on the "world wide web", we've redesigned our whole website. And we have a new domain as well.

Read more  

VB2015 video: TurlaSat: The Fault in our Stars

Posted by   Virus Bulletin on   Feb 9, 2016

In a presentation at VB2015 in Prague, Kaspersky Lab researcher Kurt Baumgartner talked about Turla's extraplanetary activities: the malware used (and abused) satellite Internet connections for command and control communication.

Read more  

Security vendors should embrace those hunting bugs in their products

Posted by   Virus Bulletin on   Feb 1, 2016

When interviewed by the Risky Business podcast last week, VB Editor Martijn Grooten talked about the security of security products and said that many vendors are embracing the work done by Tavis Ormandy and others - as they should.

Read more  

More VB Conference papers and videos published

Posted by   Virus Bulletin on   Jan 29, 2016

More VB2014 Conference papers and videos published - 11 papers and 9 videos added to our website.

Read more  

Throwback Thursday: Peter-II - Three Questions of The Sphinx

Posted by   Virus Bulletin on   Jan 28, 2016

This Throwback Thursday, VB heads back to 1993, when an ordinary memory-resident master boot sector virus spiced things up with a bit of pop trivia.

Read more  

VB2015 paper: Effectively testing APT defences

Posted by   Virus Bulletin on   Jan 27, 2016

Simon Edwards discusses how to test the potentially untestable.

Read more  

VB2015 paper: The ethics and perils of APT research: an unexpected transition into intelligence brokerage

Posted by   Virus Bulletin on   Jan 21, 2016

Juan Andrés Guerrero-Saade discusses the perils and ethical conundrums that arise as the industry enters a new playing field.

Read more  

VB2015 paper: Digital 'Bian Lian' (face changing): the Skeleton Key malware

Posted by   Virus Bulletin on   Jan 19, 2016

Microsoft, Dell SecureWorks researchers analyse malware targeting Active Directory servers.

Read more  
Previous1...4647484950...215Next

Search blog

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other …
Few readers of this blog will believe that there aren't any security issues with Apple's macOS operating system, a point made rather unsubtly by yesterday's discovery of a flaw… https://www.virusbulletin.com/blog/2017/11/vb2017-paper-offensive-malware-analysis-dissecting-osxfruitflyb-custom-cc-server/

By removing VPNs from its Chinese App Store, Apple turns its biggest security asset against its users

To comply with Chinese laws, Apple has removed all iOS VPN apps from its Chinese app store. This means that the company uses iOS's strongest security asset, its tightly controlled App Store, against its own users.
A little over a month ago, Apple's iPhone celebrated its tenth birthday. The iPhone has been one of the biggest commercial success stories ever, but it has also been a great… https://www.virusbulletin.com/blog/2017/08/removing-vpns-its-chinese-app-store-apple-turns-its-biggest-security-asset-aggasnt-its-users/

Paper: Dylib hijacking on OS X

Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks.
Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks. A few years ago, DLL hijacking on Windows was really hot, despite the fact that the concept had… https://www.virusbulletin.com/blog/2015/03/paper-dylib-hijacking-os-x/

VB2014 paper: Apple without a shell - iOS under targeted attack

Developer Enterprise Program recently found to be used by WireLurker.
Developer Enterprise Program recently found to be used by WireLurker.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the… https://www.virusbulletin.com/blog/2014/11/paper-apple-without-shell-ios-under-targeted-attack/

WireLurker malware infects iOS devices through OS X

Non-jailbroken devices infected via enterprise provisioning program.
Non-jailbroken devices infected via enterprise provisioning program. Researchers at Palo Alto Networks have published a research paper (PDF) analysing the 'WireLurker' malware that… https://www.virusbulletin.com/blog/2014/11/wirelurker-malware-infects-ios-devices-through-os-x/

VB2014 preview: Apple without a shell - iOS under targeted attack

FireEye researchers show a large attack vector for Apple's mobile operating system.
FireEye researchers show a large attack vector for Apple's mobile operating system.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are… https://www.virusbulletin.com/blog/2014/09/preview-apple-without-shell-ios-under-targeted-attack/

VB2013 speaker spotlight

We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference.
We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference. The VB2013 conference takes place this autumn… https://www.virusbulletin.com/blog/2013/06/speaker-spotlight-harley-myers/

Security fixes from Apple and Microsoft

100 security fixes in latest OS X update; three MS security updates in this month's patch release.
100 security fixes in latest OS X update; three MS security updates in this month's patch release. The latest release of Mac operating system OS X (Mac OS X v10.6.5) contains over… https://www.virusbulletin.com/blog/2010/11/security-fixes-apple-and-microsoft/

Android SMS trojan goes wild

Premium-rate text scam shows growing cracks in smart phone security.
Premium-rate text scam shows growing cracks in smart phone security. The first known SMS trojan affecting smart phones running Google's Android operating system has been observed… https://www.virusbulletin.com/blog/2010/08/android-sms-trojan-goes-wild/

Patches come thick and fast in major update spree

Monthly and out-of-band issues flood admins' to-do lists.
Monthly and out-of-band issues flood admins' to-do lists. The release of this month's Patch Tuesday security bulletins from Microsoft, with a fairly average 10 alerts covering 34… https://www.virusbulletin.com/blog/2010/06/patches-come-thick-and-fast-major-update-spree/

Macs under attack from trojan double whammy

Two new threats in a week spark worries of approaching Mac malware era.
Two new threats in a week spark worries of approaching Mac malware era. Users of Apple Mac systems, who have so far only suffered from minimal attention from malware creators, may… https://www.virusbulletin.com/blog/2008/06/macs-under-attack-trojan-double-whammy/

Microsoft increases pressure on Apple to fix Safari blended threat

'Carpet bombing' vulnerability more serious than Apple claims, MS warns.
'Carpet bombing' vulnerability more serious than Apple claims, MS warns.Microsoft, whose Internet Explorer has come under frequent criticism for security vulnerabilities, has… https://www.virusbulletin.com/blog/2008/06/microsoft-increases-pressure-apple-fix-safari-blended-threat/

Bugs found in Apple's new Windows browser within hours of release

Safari not so good-y.
Safari not so good-y. A number of security researchers say they found bugs in Apple's brand new web browser Safari for Windows just hours after its public beta release on 11 June.… https://www.virusbulletin.com/blog/2007/06/bugs-found-apple-s-new-windows-browser-within-hours-release/

Vulnerabilities strike more AV firms, and Mac too

F-Secure and Authentium patch holes, while Samba flaws worry Apple users.
F-Secure and Authentium patch holes, while Samba flaws worry Apple users. Users of Mac OS X, used to a cosy sense of security, have been warned of possible penetration vectors… https://www.virusbulletin.com/blog/2007/06/vulnerabilities-strike-more-av-firms-and-mac-too/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.