VB Blog

VB2016 paper: Debugging and monitoring malware network activities with Haka

Posted by   Martijn Grooten on   Apr 24, 2017

In their VB2016 paper, Stormshield researchers Benoît Ancel and Mehdi Talbi introduced Haka, an open-source language to monitor, debug and control malicious network traffic. Both their paper and the video recording of their presentation are now available to read/view on www.virusbulletin.com.

Read more  

VB2017: a wide ranging and international conference programme

Posted by   Martijn Grooten on   Apr 13, 2017

We are proud to announce a very broad and very international programme for VB2017, which will take place in Madrid, 4-6 October 2017.

Read more  

John Graham-Cumming and Brian Honan to deliver keynote addresses at VB2017

Posted by   Martijn Grooten on   Apr 10, 2017

Virus Bulletin is excited to announce John-Graham Cumming and Brian Honan as the two keynote speakers for VB2017 in Madrid.

Read more  

Virus Bulletin says a fond farewell to John Hawes

Posted by   Martijn Grooten on   Mar 31, 2017

As VB's COO John Hawes moves on to new challenges, the team wish him a fond farewell and good luck in his future endeavours.

Read more  

VB2016 paper: One-Click Fileless Infection

Posted by   Martijn Grooten on   Mar 28, 2017

Symantec researchers Himanshu Anand and Chastine Menrige explain how a single click can lead to a compromised machine, without malware ever being stored on disk.

Read more  

Mostly blocked, but still good enough: Necurs sending pump-and-dump spam

Posted by   Martijn Grooten on   Mar 22, 2017

The Necurs botnet has started sending pump-and-dump spam. Almost all of these emails are blocked by spam filters, yet the stock price still increased.

Read more  

Why the SHA-1 collision means you should stop using the algorithm

Posted by   Martijn Grooten on   Mar 10, 2017

Realistically speaking, if your software or system uses the SHA-1 hashing algorithm, it is unlikely that it will be exploited in the foreseeable future. But it is also extremely difficult to be certain that your system won't be the exception.

Read more  

VB2017 Call for Papers: frequently asked questions

Posted by   Martijn Grooten on   Mar 10, 2017

The call for papers for VB2017, which takes place 4 to 6 October in Madrid, Spain, is currently open. We're always on the look out for new speakers and new content, so to help anyone who's unfamiliar with the VB conference, we've prepared a list of answers to some frequently asked questions about the event, and about how to submit a paper.

Read more  

Throwback Thursday: Michelangelo - Graffiti Not Art

Posted by   Helen Martin on   Mar 9, 2017

This week marked the 25th anniversary of the trigger date of the infamous Michelangelo virus. In January 1992, VB published an analysis of the boot sector virus that captured the imagination of the press and kicked up a media storm.

Read more  

How are you defending your network? Come and tell us at VB2017!

Posted by   Martijn Grooten on   Mar 8, 2017

Is it your job to defend your company’s network? Are you defending a government’s systems? Do you help secure the devices used by activists operating in less open societies? Do you work with abuse victims targeted by spyware? Share your experiences with the security community at VB2017.

Read more  
Previous1...3637383940...215Next

Search blog

New paper: Botception: botnet distributes script with bot capabilities

In a new paper, Avast researchers Jan Sirmer and Adolf Streda look at how a spam campaign sent via the Necurs botnet was delivering the Flawed Ammyy RAT. As well as publishing the paper, we have also released the video of the reseachers' VB2018 presentati…
The Necurs botnet has been active for some time. In 2014, Virus Bulletin published a 3-part article by Peter Ferrie (1, 2, 3) who had studied the botnet in great detail. And… https://www.virusbulletin.com/blog/2018/12/new-paper-botception-botnet-distributes-script-bot-capabilities/

VB2018 video: Behind the scenes of the SamSam investigation

Today we have published the video of the VB2018 presentation by Andrew Brandt (Sophos) on the SamSam ransomware, which became hot news following the indictment of its two suspected authors yesterday.
Yesterday, a federal grand jury in the US unsealed an indictment charging two Iranians with being behind the SamSam ransomware. SamSam has been one of the most successful… https://www.virusbulletin.com/blog/2018/11/vb2018-video-behind-scenes-samsam-investigation/

VB2018 video: Foreverdays: tracking and mitigating threats targeting civil society orgs

Today, we publish the video of the VB2018 presentation by CitizenLab researchers Masashi Nishihata and John Scott Railton, on threats faced by civil society.
Israel's NSO Group is in hot water following a Haaretz report that revealed that the company negotiated with the Saudi government on the sale of its spyware, leading the local… https://www.virusbulletin.com/blog/2018/11/vb2018-video-foreverdays-tracking-and-mitigating-threats-targeting-civil-society-orgs/

Latest Virus Bulletin report shows the difference web security products make

The latest Virus Bulletin web security report sees Kaspersky, Trustwave and Fortinet all achieve VBWeb certification, but also see some products struggle with the new Fallout exploit kit.
Extremely targeted attacks aside, when a user gets infected through the web, it means something has happened that should not have. Either the user clicked on a link they shouldn't… https://www.virusbulletin.com/blog/2018/11/latest-virus-bulletin-report-shows-difference-web-security-products-make/

Subscribe to the relaunched Virus Bulletin eNews newsletter

Subscribe to the re-launched Virus Bulletin eNews Newsletter to receive regular updates on the latest threat intelligence sources directly in your inbox.
Today, we relaunched the Virus Bulletin eNews newsletter. The newsletter provides weekly updates of what is happening both at Virus Bulletin and in the wider security… https://www.virusbulletin.com/blog/2018/11/subscribe-relaunched-virus-bulletin-enews-newsletter/

VB2018 paper: Since the hacking of Sony Pictures

The Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial institutions around the world. Today we publish the VB2018 paper by AhnLab researcher Minseok (Jacky) Ch…
Recent activity shows that the Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-hacking-sony-pictures/

VB2018 video: Shedding skin - Turla's fresh faces

Today, we have published the video of a VB2018 presentation by Kaspersky Lab researchers Kurt Baumgartner and Mike Scott, who looked at the latest activity of the Turla group.
"Capable, well-resourced, and they go back decades." The Turla threat group doesn't make the news as much as some other Russian-speaking APT groups, but it is one of the most… https://www.virusbulletin.com/blog/2018/11/vb2018-video-shedding-skin-turlas-fresh-faces/

VB2018 video: Triada: the past, the present and the (hopefully not existing) future

Today we publish the video of the VB2018 presentation by Google researcher Lukasz Siewierski on the Triada Android malware and Google's work with OEMs to remove it from infected devices.
From NotPetya to Shadowpad, supply chain attacks have become a serious and hard-to-fight security problem. One prominent type of supply chain attack involves the pre-installation… https://www.virusbulletin.com/blog/2018/11/vb2018-video-triada-past-present-and-hopefully-not-existing-future/

VB2018 paper: Uncovering the wholesale industry of social media fraud: from botnet to bulk reseller panels

Today, we publish the VB2018 paper by Masarah Paquet-Clouston (GoSecure) who looked at the supply chain behind social media fraud.
On the day of the 2018 US mid-term elections, there will be few who are not aware of the activity of botnets on social media and how these, allegedly, have tried to influence… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-uncovering-wholesale-industry-social-media-fraud-botnet-bulk-reseller-panels/

November

https://www.virusbulletin.com/blog/2018/11/

VB2018 paper: Now you see it, now you don't: wipers in the wild

Today, we publish the VB2018 paper from Saher Naumaan (BAE Systems) who looks at malware variants that contain a wiper functionality. We also publish the recording of her presentation.
Early computer viruses were often destructive in nature, but once criminals learned about the money they could make from malware, they realised that destructiveness hurt their… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-now-you-see-it-now-you-dont-wipers-wild/

Emotet trojan starts stealing full emails from infected machines

The infamous Emotet trojan has added the capability to steal full email bodies from infected machines, opening the possibilities for more targeted spam and phishing campaigns.
Researchers at Kryptos Logic have discovered that the Emotet banking trojan is exfiltrating entire email bodies as opposed to merely email addresses. Emotet was first discovered… https://www.virusbulletin.com/blog/2018/10/emotet-trojan-starts-stealing-full-emails-infected-machines/

VB2018 paper: Who wasn’t responsible for Olympic Destroyer?

Cisco Talos researchers Paul Rascagnères and Warren Mercer were among the first to write about the Olympic Destroyer, the malware that targeted the 2018 PyeongChang Winter Olympic Games. Today, we publish the paper they presented at VB2018 about the malwa…
It may be hard to believe, but it was only eight months ago that the 2018 PyeongChang Winter Olympic Games were targeted by malware named Olympic Destroyer. Though not the first… https://www.virusbulletin.com/blog/2018/10/who-wasnt-responsible-olympic-destroyer/

VB2018 paper: From drive-by download to drive-by mining: understanding the new paradigm

Today, we publish the VB2018 paper by Malwarebytes researcher Jérôme Segura, in which he details the shift from exploit kits to drive-by mining. We also publish the video of his VB2018 presentation.
When it comes to web-based threats, Malwarebytes researcher Jérôme Segura is one of the people to follow. His quarterly reviews of the exploit kit landscape are an essential read… https://www.virusbulletin.com/blog/2018/10/vb2018-paper-drive-download-drive-mining-understanding-new-paradigm/

VB2018 presentation: The wolf in sheep's clothing - undressed

Today, we publish the video of the VB2018 presentation by CSIS researchers Benoît Ancel and Aleksejs Kuprins, who looked at a rather dubious seller of government spyware, described by someone else operating in the same space as a "criminal of the worst ki…
In recent years, we have seen a trend of commercial spyware being sold to governments. This is a very controversial subject, not least because of the frequent use of this spyware… https://www.virusbulletin.com/blog/2018/10/wolf-sheeps-clothing-undressed/

VB2018 paper: The dark side of WebAssembly

Today, we publish the VB2018 paper by Symantec researchers Aishwarya Lonkar and Siddhesh Chandrayan on the security risks that come with WebAssembly.
With this year's very successful Virus Bulletin Conference (VB2018) now behind us, we plan to continue the tradition of publishing most of the papers and videos of the… https://www.virusbulletin.com/blog/2018/10/vb2018-paper-dark-side-webassembly/

The Virus Bulletin conference returns home: VB2019 to take place in London

In 2019, the Virus Bulletin conference is set to return home, with VB2019 taking place in London, UK.
In July 1989, the first ever Virus Bulletin magazine was published from its home in Oxfordshire, UK – a monthly publication focusing on the emerging threat of computer viruses.… https://www.virusbulletin.com/blog/2018/10/virus-bulletin-conference-returns-home-vb2019-take-place-london/

Guest blog: The case for increasing transparency in cybersecurity

In a guest blog post, Kaspersky Lab's Anton Shingarev considers the case for increasing transparency in cybersecurity.
In a guest blog post by VB2018 gold partner Kaspersky Lab, Anton Shingarev, Vice President, Public Affairs, considers the case for increasing transparency in cybersecurity.… https://www.virusbulletin.com/blog/2018/10/guest-blog-case-increasing-transparency-cybersecurity/

October

https://www.virusbulletin.com/blog/2018/10/

VB2018 preview: Workshops

Workshops make their VB Conference debut during VB2018, giving delegates the opportunity to learn the basics of kernel-level malware analysis, Android reverse-engineering and artificial intelligence.
The Virus Bulletin Conference is first and foremost a place to learn: about new threats, about the tools used to detect and fight them, and to learn about (and get to know) the… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-workshops/

« Previous 1...910111213...121 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.