VB Blog

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

Posted by   Martijn Grooten on   Jan 16, 2018

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Read more  

Alleged author of creepy FruitFly macOS malware arrested

Posted by   Martijn Grooten on   Jan 11, 2018

A 28-year old man from Ohio has been arrested on suspicion of having created the mysterious FruitFly malware that targeted macOS and used it to spy on its victims.

Read more  

The threat and security product landscape in 2017

Posted by   Martijn Grooten on   Jan 10, 2018

At the start of the new year, Virus Bulletin looks back at the threats seen in the 2017 and at the security products that are available to help mitigate them.

Read more  

Spamhaus report shows many botnet controllers look a lot like legitimate servers

Posted by   Martijn Grooten on   Jan 9, 2018

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.

Read more  

Tips on researching tech support scams

Posted by   Martijn Grooten on   Jan 5, 2018

As tech support scammers continue to target the computer illiterate through cold calling, VB's Martijn Grooten uses his own experience to share some advice on how to investigate such scams.

Read more  

Meltdown and Spectre attacks mitigated by operating system updates

Posted by   Martijn Grooten on   Jan 4, 2018

Just four days into the new year, two serious attacks in modern processors, dubbed Meltdown and Spectre, have been discovered. The attacks can be mitigated by patches to the operating system, but anti-virus software vendors need to make sure their products are compatible with the patches.

Read more  

Conference review: AVAR 2017

Posted by   Martijn Grooten on   Dec 22, 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.

Read more  

Conference review: Botconf 2017

Posted by   Virus Bulletin on   Dec 22, 2017

Virus Bulletin researchers report back from a very interesting fifth edition of Botconf, the botnet fighting conference.

Read more  

VB2017 videos on attacks against Ukraine

Posted by   Martijn Grooten on   Dec 21, 2017

(In)security is a global issue that affects countries around the world, but in recent years none has been so badly hit as Ukraine. Today, we publish the videos of two VB2017 talks about attacks that hit Ukraine particularly badly: a talk by Alexander Adamov (NioGuard) on (Not)Petya and related attacks, and another by Robert Lipovsky and Anton Cherepanov (ESET) on Industroyer.

Read more  

Facebook helps you determine whether emails really came from its servers

Posted by   Martijn Grooten on   Dec 21, 2017

On its website, Facebook now shows which emails it has sent you recently, thus helping you to determine which emails are real, and which should be discarded as phishing.

Read more  
Previous1...2526272829...215Next

Search blog

New article: Through the looking glass: webcam interception and protection in kernel mode

Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software Company, who dive into the video capturing internals on Windows, and explain how this can be used by a malicious actor to steal images recorded by a compu…
Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software, one of the partners of VB2018. In the article, Ronen and Michael dive into… https://www.virusbulletin.com/blog/2018/09/new-article-through-looking-glass-webcam-intercepton-and-protection-kernel-mode/

VB2018 preview: The botnet landscape - live threats and steps for mitigation (Small Talk)

In a Small Talk at VB2018, Spamhaus's Simon Forster will present the organization's research into the botnet landscape and will discuss with the audience topics such as how the rise of anonymzation techniques and the hosting of botnets on well-regarded cl…
Whether they're used to send spam, to perform DDoS attacks, or as a proxy network for other kinds of nefarious activities, botnets remain a prominent tool for cybercriminals, and… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-botnet-landscape-live-threats-and-steps-mitigation-small-talk/

VB2018 Threat Intelligence Summit: survey on threat intel usage

Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018 next week. In a bid to help collect as much current data as possible, we'd like to ask anyone generating or consuming threat intelligence to fill in a very …
Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018, which is to take place next week in Montreal, Canada. The Summit is open to… https://www.virusbulletin.com/blog/2018/09/vb2018-threat-intelligence-summit-survey-threat-intel-usage/

VB2018 preview: Anatomy of an attack: detecting and defeating CRASHOVERRIDE

In today's blog post, we preview the VB2018 paper by Dragos Inc.'s Joe Slowik, who looks at the CRASHOVERRIDE malware, the first (publicly known) malware designed to impact electric grid operations.
One of the many highlights of last year's Virus Bulletin Conference was a last-minute paper by ESET researchers Anton Cherepanov and Robert Lipovsky on Industroyer, 'the first… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-anatomy-attack-detecting-and-defeating-crashoverride/

VB2018 preview: Cyber Threat Alliance

In today's blog post we look at a report on illicit cryptocurrency mining by the Cyber Threat Alliance and also look forward to the VB2018 talk by the CTA's CEO Michael Daniel.
Last week, the Cyber Threat Alliance (CTA) published a report on the illicit mining of cryptocurrencies. The report is notable for two reasons: first because it is exceptionally… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-cyber-threat-alliance/

VB2018 preview: hacking cars

In recent years, car hacking has evolved from a mostly theoretical research field involving giggling researchers and scared journalists, to one that actually concerns car owners and manufacturers. On today's blog we preview two VB2018 papers, by Inbar Raz…
In recent years, car hacking has evolved from a mostly theoretical research field involving giggling researchers and scared journalists, to one that actually concerns car owners… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-hacking-cars/

Where are all the ‘A’s in APT?

In a guest blog post by VB2018 gold partner Kaspersky Lab, Costin Raiu, Director of the company's Global Research and Analysis Team, looks critically at the 'A' in APT.
In a guest blog post by VB2018 gold partner Kaspersky Lab, Costin Raiu, Director of the company's Global Research and Analysis Team, looks critically at the 'A' in APT.   A… https://www.virusbulletin.com/blog/2018/09/where-are-all-apt/

VB2018 preview: commercial spyware and its use by governments

Today, we preview three VB2018 presentations that look at threats against civil society in general and the use of commercial spyware by governments for this purpose in particular.
Yesterday, a new report by Citizen Lab looked at NSO Group's Pegasus spyware and its global use. The report is worth a read, for the political implications of the findings, for… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-commercial-spyware-and-its-use-governments/

VB2018 preview: Wipers in the wild

Today we preview the VB2018 paper by Saher Naumaan (BAE Systems Applied Intelligence) on the use of wipers in APT attacks.
Some of the earliest computer viruses deleted data and sometimes even rendered computers unusable. But as malware increasingly became a tool used for criminal or (geo)political… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-wipers-wild/

VB2018 preview: IoT botnets

The VB2018 programme is packed with a wide range of security topics featuring speakers from all around the world. Today we preview two of them: one by Qihoo 360 researchers on tracking variants of Mirai and one by researchers from Bitdefender on the peer-…
For a long time IoT-botnets were just one of those things security professionals warned about. Then, with the appearance of Mirai in 2016, they became a reality. Mirai's… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-iot-botnets/

VB2018: last-minute talks announced

We are excited to announce the final additions to the VB2018 programme in the form of 10 'last-minute' papers covering up-to-the-minute research and hot topics and two more invited talks.
With a little over three weeks to go until the start of VB2018, 28th Virus Bulletin Conference, we are excited to announce ten last-minute talks that cover hot research.  … https://www.virusbulletin.com/blog/2018/09/vb2018-last-minute-talks-announced/

VB2018 preview: Since the hacking of Sony Pictures

At VB2018, AhnLab researcher Minseok Cha will look at activities of the Lazarus Group on the Korean peninsula going back as early as April 2011.
Yesterday, the US Justice Department brought charges against an alleged hacker for the North Korean government. The man, Park Jin Hyok, is accused of being connected with the 2014… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-hacking-sony-pictures/

Book review: Click Here to Kill Everybody

Paul Baccas reviews Bruce Schneier's latest thought-provoking book, 'Click Here to Kill Everybody'.
Paul Baccas reviews 'Click here to Kill Everybody' by Bruce Schneier   Title: Click Here to Kill Everybody: Security and Survival in a Hyper-connected World… https://www.virusbulletin.com/blog/2018/09/book-review-click-here-kill-everybody/

Spam is mostly noise and that makes measuring it very difficult

A brief analysis by Recorded Future suggests that the volume of spam and new domain registrations hasn't increased since the GDPR came into effect.
A recent blog post published by Recorded Future looked at the possible effect of the GDPR on the volume of spam and concludes there has been no noticeable impact. The question… https://www.virusbulletin.com/blog/2018/09/spam-mostly-noise-and-makes-measuring-it-complicated/

September

https://www.virusbulletin.com/blog/2018/09/

Virus Bulletin announces programme of the first International Threat Intelligence Summit

VB is thrilled to announce the programme of the first International Threat Intelligence Summit that will form an integral part of the VB2018 conference programme.
Today, we are excited to announce the programme of the first International Threat Intelligence Summit, which will form an integral part of the VB2018 conference programme. Most… https://www.virusbulletin.com/blog/2018/08/virus-bulletin-announces-programme-first-international-threat-intelligence-summit/

VB2018 preview: Explain Ethereum smart contract hacking like I am five

Designing smart contracts is hard: we preview a VB2018 paper on the blockchain-based platform Ethereum, that describes both how the technology works and how a number of security issues inherent to the platform have led to various high-profile and often ve…
Shout 'blockchain' in a group of security experts and everyone will start to laugh. It is fair to say that the security community tends to be rather sceptical about… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-explain-ethereum-smart-contract-hacking-i-am-five/

VB2017 video: Client Maximus raises the bar

At VB2017, IBM Trusteer researcher Omer Agmon, presented a 'last-minute' paper in which he analysed the Client Maximum trojan, which targets Brazilian users of online banking. Today, we release the recording of his presentation.
Brazil has long been known as a hotbed of cybercrime, but what makes the country especially unique is that a lot of this cybercrime is inwards-focused. Thus there are many malware… https://www.virusbulletin.com/blog/2018/08/vb2017-video-client-maximus-raises-bar/

The security industry is genuinely willing to help you do good work

For those organizations working for the public good, security vendors are often willing to offer their services for free, or for very low cost.
An article at Cyberscoop lists security companies that are offering assistance to protect election systems, for example by protecting against DDoS attacks, performing penetration… https://www.virusbulletin.com/blog/2018/08/security-industry-genuinely-willing-help-you-do-good-work/

VB2018 preview: Unpacking the packed unpacker: reversing an Android anti-analysis library

At VB2018, Google researcher Maddie Stone will present an analysis of the multi-layered 'WeddingCake' anti-analysis library used by many Android malware families.
Seven years ago, the first VB conference paper on Android malware looked at what was then a new, but growing trend. Since then both the threat and the research community have… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-unpacking-packed-unpacker-reversing-android-anti-analysis-library/

« Previous 1...1011121314...121 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.