VB Blog

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by Martijn Grooten on Nov 29, 2017

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Posted by Martijn Grooten on Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Posted by Martijn Grooten on Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Posted by Martijn Grooten on Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Posted by Martijn Grooten on Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Posted by Martijn Grooten on Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Posted by Martijn Grooten on Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Posted by Martijn Grooten on Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Posted by Martijn Grooten on Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Previous1...2728293031...215Next

Search blog

Google stashing adware on Dell systems, says OpenDNS founder

Toolbar partnership accused of devious spyware tactics.
Toolbar partnership accused of devious spyware tactics. The partnership between search giant Google and hardware behemoth Dell, which has led to the popular Google Toolbar being… https://www.virusbulletin.com/blog/2007/05/google-stashing-adware-dell-systems-says-opendns-founder/

New OpenOffice proof-of-concept widely noted

Odd payload, not spreading danger, brings attention to cross-platform worm.
Odd payload, not spreading danger, brings attention to cross-platform worm. A new proof-of-concept malware exploiting the OpenOffice document format has made headlines across the… https://www.virusbulletin.com/blog/2007/05/new-openoffice-proof-concept-widely-noted/

Overflows hit NOD32

Vulnerabilities disclosed after patching.
Vulnerabilities disclosed after patching. Two stack-overflow vulnerabilities have been disclosed in Eset's flagship NOD32 AntiVirus product, which could have been exploited to… https://www.virusbulletin.com/blog/2007/05/overflows-hit-nod32/

IETF accepts DKIM specification as proposed standard

Email authentication system moves to approval stage.
Email authentication system moves to approval stage. The Internet Engineering Task Force (IETF), the body overseeing the technical running of the Internet, has accepted a new… https://www.virusbulletin.com/blog/2007/05/ietf-accepts-dkim-specification-proposed-standard/

Norton FP trashes Chinese systems

Vital DLLs flagged as malware disable Windows XP across China.
Vital DLLs flagged as malware disable Windows XP across China. A serious false positive, caused by an erroneous update to Symantec's Norton Anti-virus product range issued late… https://www.virusbulletin.com/blog/2007/05/norton-fp-trashes-chinese-systems/

Zango sues PC Tools for $35 million

'Reformed' adware shippers upset by detection and removal.
'Reformed' adware shippers upset by detection and removal. Adware and sometime spyware maker Zango has brought a suit against anti-spyware firm PC Tools complaining that the… https://www.virusbulletin.com/blog/2007/05/zango-sues-pc-tools-35-million/

New spam-fighting system for France

Junk mail blacklisting project goes live.
Junk mail blacklisting project goes live. A group of public bodies and private companies have joined forces to implement a new system allowing French email users to report spam… https://www.virusbulletin.com/blog/2007/05/new-spam-fighting-system-france/

Estonian websites suffer wave of DoS attacks

Baltic republic accuses Russia of cyber-warfare.
Baltic republic accuses Russia of cyber-warfare. A wave of denial of service (DoS) attacks on Estonian websites has prompted the Estonian government to accuse its neighbour of… https://www.virusbulletin.com/blog/2007/05/estonian-websites-suffer-wave-dos-attacks/

Verizon acquires Cybertrust

ICSA Labs parent company subsumed.
ICSA Labs parent company subsumed.Verizon Business, a division of Verizon Communications has announced that it is set to acquire managed security services supplier Cybertrust. The… https://www.virusbulletin.com/blog/2007/05/verizon-acquires-cybertrust/

Symantec files 8 piracy suits

Symantec pursues distributors of counterfeit software.
Symantec pursues distributors of counterfeit software.Symantec has revealed that it has filed civil lawsuits against eight US and Canadian companies accused of selling counterfeit… https://www.virusbulletin.com/blog/2007/05/symantec-files-8-piracy-suits/

1.4 million Chinese infected over holiday week

May vacations bring trojan avalanche for gamers and filesharers.
May vacations bring trojan avalanche for gamers and filesharers. Chinese computers, in heavy use with many people off work for the Labour Day holiday week, have suffered a major… https://www.virusbulletin.com/blog/2007/05/1-4-million-chinese-infected-over-holiday-week/

Latest flaws affect AV giants

Symantec, McAfee and CA all patch vulnerabilities.
Symantec, McAfee and CA all patch vulnerabilities. Three of the biggest names in the security sector, McAfee, Symantec and CA, have all revealed details of flaws in their software… https://www.virusbulletin.com/blog/2007/05/latest-flaws-affect-av-giants/

Phishing techniques and technology revealed

Serious software used to analyse phished data, and a phisher talks.
Serious software used to analyse phished data, and a phisher talks. Some insights into the workings of phishing scams were revealed this week, as a sophisticated tool designed to… https://www.virusbulletin.com/blog/2007/05/phishing-techniques-and-technology-revealed/

ZOO archive issues hit security vendors

Errors handling rare format patched by four AV and anti-spam products.
Errors handling rare format patched by four AV and anti-spam products. A researcher has revealed details of flawed implementation of a somewhat archaic archive format, .zoo, which… https://www.virusbulletin.com/blog/2007/05/zoo-archive-issues-hit-security-vendors/

Phishing moves into more new areas

Surveys, phone lines, USB sticks and call girls the latest tactics for spammers and phishers.
Surveys, phone lines, USB sticks and call girls the latest tactics for spammers and phishers. The latest social-engineering methods being put to use by phishers show no let up in… https://www.virusbulletin.com/blog/2007/05/phishing-moves-more-new-areas/

7 critical flaws patched on Patch Tuesday

May Security Bulletin covers wide range of vulnerabilities.
May Security Bulletin covers wide range of vulnerabilities.Microsoft's latest 'Patch Tuesday' security bulletin included fixes for seven vulnerabilities, all rated 'Critical' and… https://www.virusbulletin.com/blog/2007/05/7-critical-flaws-patched-patch-tuesday/

Five ISPs hosting a third of malware, says study

StopBadware survey finds small group of ISPs most to blame.
StopBadware survey finds small group of ISPs most to blame. In a recent study of almost 50,000 sites known to be hosting malware, five ISPs have been identified as repeat… https://www.virusbulletin.com/blog/2007/05/five-isps-hosting-third-malware-says-study/

Microsoft to beat Symantec to corporate release punch

With Forefront due out soon, Symantec's latest release suffers further delay.
With Forefront due out soon, Symantec's latest release suffers further delay.Microsoft has announced the release to manufacture of Forefront Client, the corporate implementation of… https://www.virusbulletin.com/blog/2007/05/microsoft-beat-symantec-corporate-release-punch/

Law to stop spam reaching kids dubbed a failure

Utah registry to protect children's email leaks cash and addresses.
Utah registry to protect children's email leaks cash and addresses. A law enacted in the state of Utah, as well as some other states, with the aim of preventing spammers from… https://www.virusbulletin.com/blog/2007/05/law-stop-spam-reaching-kids-dubbed-failure/

I-SPY chases SPY-ACT through approval process

Second piece of US anti-spyware legislation given go-ahead.
Second piece of US anti-spyware legislation given go-ahead. With the 'Securely Protect Yourself Against Cyber Trespass Act' (aka SPY-ACT act) approved by a House of Representatives… https://www.virusbulletin.com/blog/2007/05/i-spy-chases-spy-act-through-approval-process/

« Previous 1...8384858687...121 Next »