VB Blog

New Emotet spam campaign continues to bypass email security products

Posted by   Martijn Grooten on   Sep 18, 2019

On Monday, the infamous Emotet malware resumed its spam campaign to spread the latest version of the malware. As before, the malware successfully bypasses many email security products.

Read more  

Book review: Cyberdanger: Understanding and Guarding Against Cybercrime

Posted by   Virus Bulletin on   Sep 16, 2019

Security researcher Paul Baccas reviews Eddy Willems' book 'Cyberdanger'.

Read more  

Programme for VB2019 Threat Intelligence Practitioners' Summit announced

Posted by   Martijn Grooten on   Sep 13, 2019

In the mini-summit, which forms part of VB2019 (the 29th Virus Bulletin International Conference), eight sessions will focus on all aspects of threat intelligence collecting, using and sharing.

Read more  

Guest blog: TotalAV uncovers the world’s first ransomware

Posted by   Virus Bulletin on   Sep 12, 2019

In a guest blog post by VB2019 Silver partner TotalAV, Matthew Curd, the software’s Technical Expert, considers the changes in the cybersecurity landscape.

Read more  

Guest blog: Targeted attacks with public tools

Posted by   Virus Bulletin on   Sep 4, 2019

Over the last few years SE Labs has tested more than 50 different security products against over 5,000 targeted attacks. In this guest blog post Stefan Dumitrascu, Chief Technical Officer at SE Labs, looks at the different attack tools available, how effective they are at helping attackers bypass anti-malware products, and how security vendors have been handling this type of threat for over a year.

Read more  

VB2019 preview: Small Talks

Posted by   Martijn Grooten on   Sep 3, 2019

We preview the five Small Talks on the VB2019 programme in which important topics are discussed in a less formal atmosphere.

Read more  

VB2019 preview: Problem child: common patterns in malicious parent-child relationships

Posted by   Martijn Grooten on   Sep 2, 2019

We preview the VB2019 paper by Endgame researcher Bobby Filar, who created a graph-based framework designed to detect malicious use of legitimate binaries through parent-child relationships.

Read more  

VB2019 preview: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

Posted by   Martijn Grooten on   Aug 30, 2019

We preview the VB2019 paper by RiskIQ researcher Yonathan Klijnsma on the Magecart web skimming attacks.

Read more  

VB2019 call for last-minute papers closes on Sunday (1 Sept)

Posted by   Martijn Grooten on   Aug 29, 2019

Your last chance to get a speaking slot on the VB2019 programme with a talk on hot research!

Read more  

21 organisations partner with VB2019

Posted by   Martijn Grooten on   Aug 29, 2019

Record number of partner organisations for the Virus Bulletin Conference reflects very broad and international event.

Read more  
Previous1...910111213...215Next

Search blog

Conference review: AVAR 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.
The first week of December was packed with security conferences, and VB2017 speakers were busy presenting their research at no fewer than four different events: FIRST in Prague,… https://www.virusbulletin.com/blog/2017/12/conference-review-avar-2017/

Conference review: Botconf 2017

Virus Bulletin researchers report back from a very interesting fifth edition of Botconf, the botnet fighting conference.
Since its first edition in 2013, the Virus Bulletin team have been big fans of Botconf, the botnet fighting conference held every year in France. This year, Virus Bulletin sent… https://www.virusbulletin.com/blog/2017/12/conference-review-botconf-2017/

VB2017 videos on attacks against Ukraine

(In)security is a global issue that affects countries around the world, but in recent years none has been so badly hit as Ukraine. Today, we publish the videos of two VB2017 talks about attacks that hit Ukraine particularly badly: a talk by Alexander Adam…
(In)security is a global problem that affects every country in the world, but in recent years, none has been as badly hit as Ukraine. The most well known malware that… https://www.virusbulletin.com/blog/2017/12/vb2017-videos-attacks-against-ukraine/

Facebook helps you determine whether emails really came from its servers

On its website, Facebook now shows which emails it has sent you recently, thus helping you to determine which emails are real, and which should be discarded as phishing.
There are many good reasons to criticize Facebook for its collecting of our personal data, but the company also deserves credit for being at the forefront when it comes to online… https://www.virusbulletin.com/blog/2017/12/facebook-helps-you-determine-whether-emails-really-came-them/

Vulnerability disclosure and botnet takedown not to be hindered by Wassenaar Arrangement

Clarification in the language of the Wassenaar Arrangement, a multilateral export control regime for conventional arms and dual-use goods and technologies, means those involved in vulnerability disclosure or botnet takedown won't have to worry about acqui…
I have never been too keen on making comparisons between (advanced) cyber attacks and conventional war, as such comparisons tend to ignore the enormous human cost that comes with… https://www.virusbulletin.com/blog/2017/12/vulnerability-disclosure-and-botnet-takedown-not-be-hindered-wassenaar-arrangement/

VB2017 paper: Nine circles of Cerber

Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked…
Earlier this week, we published the video of a VB2017 presentation on the Spora ransomware. Spora is hardly alone in this prominent threat type though, and one of the other major… https://www.virusbulletin.com/blog/2017/12/vb2017-paper-nine-circles-cerber/

Attack on Fox-IT shows how a DNS hijack can break multiple layers of security

Dutch security firm Fox-IT deserves praise for being open about an attack on its client network. There are some important lessons to be learned about DNS security from its post-mortem.
Every company will, sooner or later, get hacked and we should judge them by how they respond. With that in mind, Fox-IT, which writes in great detail about how a DNS hijack was… https://www.virusbulletin.com/blog/2017/12/attack-fox-it-shows-how-dns-hijack-can-break-multiple-layers-security/

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.
Yesterday, a 'mysterious event' involving BGP, the Internet's border gateway protocol, led to the traffic to many popular websites being routed for around six minutes. BGP… https://www.virusbulletin.com/blog/2017/12/throwback-thursday-bgp-route-hijacking-rpki-how-vulnerable-internet/

December

https://www.virusbulletin.com/blog/2017/12/

Security Planner gives security advice based on your threat model

Citizen Lab's Security Planner helps you improve your online safety, based on the specific threats you are facing.
During the upcoming holiday season, many security professionals will be visiting relatives and, during their visit, being asked to fulfil the role of ad-hoc tech support. Apart… https://www.virusbulletin.com/blog/2017/12/security-planner-gives-security-advice-based-your-threat-model/

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of of the most prominent ransomware families of 2017.
First discovered at the beginning of the year, the Spora ransomware has become one of of the most prominent ransomware families of 2017, especially in Russia, a region it appears… https://www.virusbulletin.com/blog/2017/12/vb2017-video-spora-saga-continues-k-how-ruin-your-research-week/

VB2017 paper: Modern reconnaissance phase on APT – protection layer

During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid…
Targeted attack campaigns involve multiple stages, the first of which consists of collecting information about the target: the reconnaissance phase. It's an essential part of any… https://www.virusbulletin.com/blog/2017/12/vb2017-paper-modern-reconnaissance-phase-apt-protection-layer/

VB2017 paper: Peering into spam botnets

At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.
Spam continues to be an important infection vector for many malware campaigns, but while a lot of attention is paid to the payloads delivered by these campaigns – Andrew Brandt's… https://www.virusbulletin.com/blog/2017/12/vb2017-paper-peering-spam-botnets/

Throwback Thursday: Anti-malware testing undercover

We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.
The testing of security products has been a hotly debated topic in the industry for at least the past two decades. It was, for instance, the topic of a popular VB2017 paper by… https://www.virusbulletin.com/blog/2017/11/throwback-thursdayanti-malware-testing-undercover/

Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers

As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their ca…
We don't like dramatic headlines here at Virus Bulletin, and whether there really are one million security job openings, as is often claimed, we don't know (there probably… https://www.virusbulletin.com/blog/2017/11/virus-bulletin-relaunches-vb-security-jobs-market-both-employers-and-job-seekers/

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other …
Few readers of this blog will believe that there aren't any security issues with Apple's macOS operating system, a point made rather unsubtly by yesterday's discovery of a flaw… https://www.virusbulletin.com/blog/2017/11/vb2017-paper-offensive-malware-analysis-dissecting-osxfruitflyb-custom-cc-server/

Tizi Android malware highlights the importance of security patches for high-risk users

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.
A well-known security researcher once said: "if you purposely choose Android you are either Poor, Cheap, or really hate Apple." Android has a bad reputation in security… https://www.virusbulletin.com/blog/2017/11/tizi-android-malware-highlights-importance-security-patches-high-risk-users/

Virus Bulletin to attend AMTSO, AVAR and Botconf

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.
Next week, Virus Bulletin will attend a number of important security conferences in Beijing, China and Montpellier, France.     In Beijing, security… https://www.virusbulletin.com/blog/2017/11/virus-bulletin-attend-amtso-avar-and-botconf/

VB2017 video: FinFisher: New techniques and infection vectors revealed

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.
Over the last few years, the infamous FinFisher government spyware (already the subject of a VB2013 paper) has done a good job of staying under the radar. Recently, however, it… https://www.virusbulletin.com/blog/2017/11/vb2017-video-finfisher-new-techniques-and-infection-vectors-revealed/

Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.
Over the coming weeks and months, we plan to use the Throwback Thursday slot to look back at and publish some great VB conference presentations from our archives. We start… https://www.virusbulletin.com/blog/2017/11/vb2017-video-beginning-endpoint-where-we-are-now-and-where-well-be-five-years/

« Previous 1...1516171819...121 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.