VB Blog

Out-of-band patch release from Adobe

Posted by   Virus Bulletin on   Feb 17, 2010

Unscheduled update released by Adobe.

Read more  

Patch Tuesday release includes 13 bulletins

Posted by   Virus Bulletin on   Feb 10, 2010

26 vulnerabilities featured in sizeable update set.

Read more  

February issue of VB published

Posted by   Virus Bulletin on   Feb 1, 2010

The February issue of Virus Bulletin is now available for subscribers to download.

Read more  

EU report suggests 95% of email is spam

Posted by   Virus Bulletin on   Jan 26, 2010

Less than five per cent of all SMTP connections result in an email being delivered into a user's inbox.

Read more  

January issue of VB published

Posted by   Virus Bulletin on   Jan 1, 2010

The January issue of Virus Bulletin is now available for subscribers to download.

Read more  

Botnets becoming more robust

Posted by   Virus Bulletin on   Dec 15, 2009

Zeus botnet used Amazon's in-the-cloud service to control bots.

Read more  

Project Honey Pot 'celebrates' billionth spam message

Posted by   Virus Bulletin on   Dec 15, 2009

Facebook about to become most phished organization.

Read more  

IE zero-day bug fixed in Patch Tuesday updates

Posted by   Virus Bulletin on   Dec 9, 2009

Serious browser bug main feature of monthly alerts, Adobe Flash issue also patched.

Read more  

Next VB100 comparative announced

Posted by   Virus Bulletin on   Dec 9, 2009

SUSE test to challenge Linux products.

Read more  

False positive problem hits avast! users

Posted by   Virus Bulletin on   Dec 9, 2009

Human failure blamed for faulty update.

Read more  
Previous1...105106107108109...215Next

Search blog

VB2015 conference programme announced

From drones to elephants: an exciting range of topics will be covered in Prague.
From drones to elephants: an exciting range of topics will be covered in Prague. In six months' time, security researchers from around the world will gather in Prague for the 25th… https://www.virusbulletin.com/blog/2015/03/conference-programme-announced/

Paper: a timeline of mobile botnets

Ruchna Nigam provides an overview of more than 60 mobile malware families.
Ruchna Nigam provides an overview of more than 60 mobile malware families. The rise of mobile malware is still a relatively recent thing, with the first actual mobile botnets not… https://www.virusbulletin.com/blog/2015/03/paper-timeline-mobile-botnets/

Paper: Dylib hijacking on OS X

Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks.
Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks. A few years ago, DLL hijacking on Windows was really hot, despite the fact that the concept had… https://www.virusbulletin.com/blog/2015/03/paper-dylib-hijacking-os-x/

Paper: Windows 10 patching process may leave enterprises vulnerable to zero-day attacks

Aryeh Goretsky gives advice on how to adapt to Windows 10's patching strategy.
Aryeh Goretsky gives advice on how to adapt to Windows 10's patching strategy. Patching is hard, especially when the code base is old and the bugs are buried deeply. This was… https://www.virusbulletin.com/blog/2015/03/paper-windows-10-patching-process-may-leave-enterprises-vulnerable-zero-day-attacks/

Will DIME eventually replace email?

Protocol has all the advantages of email, yet is orders of magnitude more secure.
Protocol has all the advantages of email, yet is orders of magnitude more secure. In the current Internet era sometimes referred to as 'post-Snowden', it is often said that email… https://www.virusbulletin.com/blog/2015/03/will-dime-eventually-replace-email/

The ghost of Stuxnet past

Microsoft patches .LNK vulnerability after 2010 patch was found to be incomplete.
Microsoft patches .LNK vulnerability after 2010 patch was found to be incomplete. Mention Stuxnet and you'll have many a security researcher's attention. The worm, which was… https://www.virusbulletin.com/blog/2015/03/ghost-stuxnet-past/

Virus Bulletin seeks hackers, network researchers for VB2015

One week left to submit an abstract for the 25th Virus Bulletin conference.
One week left to submit an abstract for the 25th Virus Bulletin conference. A few weeks ago, I made a short visit to the Clarion Congress Hotel in Prague, where VB2015 will take… https://www.virusbulletin.com/blog/2015/03/seeks-hackers-network-researchers/

Canadian firm fined $1.1m for breaching anti-spam law

First success story for long-awaited CASL.
First success story for long-awaited CASL. The Canadian Radio-television and Telecommunications Commission (CRTC), the agency responsible for enforcing Canada's anti-spam law… https://www.virusbulletin.com/blog/2015/03/canadian-firm-fined-1-1m-breaching-anti-spam-law/

VB2014 paper: Leaving our ZIP undone: how to abuse ZIP to deliver malware apps

Gregory Panakkal explains that there are different ways of looking at APK files - and that sometimes that can have unintended consequences.
Gregory Panakkal explains that there are different ways of looking at APK files - and that sometimes that can have unintended consequences.Since the close of the VB2014 conference… https://www.virusbulletin.com/blog/2015/03/paper-leaving-our-zip-undone-how-abuse-zip-deliver-malware-apps/

FREAK attack takes HTTPS connections back to 1990s security

Golden keys from the (first) crypto wars have come back to haunt us.
Golden keys from the (first) crypto wars have come back to haunt us. When a web client makes a secure connection to a web server (using HTTPS), it starts by sending a 'Hello'… https://www.virusbulletin.com/blog/2015/03/freak-attack-takes-https-connections-back-1990s-security/

TorrentLocker spam has DMARC enabled

Use of email authentication technique unlikely to bring any advantage.
Use of email authentication technique unlikely to bring any advantage. Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an… https://www.virusbulletin.com/blog/2015/03/torrentlocker-spam-has-dmarc-enabled/

Paper: Script in a lossy stream

Dénes Óvári explains how to store code in lossily compressed JPEG data.
Dénes Óvári explains how to store code in lossily compressed JPEG data. Malformed PDFs have become a common way to deliver malware. Naturally, when this started to happen,… https://www.virusbulletin.com/blog/2015/03/paper-script-lossy-stream/

March

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/03/

VB2014 paper: Caphaw - the advanced persistent pluginer

Micky Pun and Neo Tan analyse the banking trojan that is best known for spreading through Skype.
Micky Pun and Neo Tan analyse the banking trojan that is best known for spreading through Skype.Since the close of the VB2014 conference in Seattle in October, we have been sharing… https://www.virusbulletin.com/blog/2015/02/paper-caphaw-advanced-persistent-pluginer/

M3AAWG releases BCP document on dealing with child sexual abuse material

Subject may make many feel uncomfortable, but it is essential that we know how to deal with it.
Subject may make many feel uncomfortable, but it is essential that we know how to deal with it. The mere mention of "child pornography" on the Internet makes many a security expert… https://www.virusbulletin.com/blog/2015/02/m3aawg-releases-bcp-document-dealing-child-sexual-abuse-material/

Hacker group takes over Lenovo's DNS

As emails were sent to wrong servers, DNSSEC might be worth looking into.
As emails were sent to wrong servers, DNSSEC might be worth looking into. Although, after some initial hesitation, Lenovo was rather frank in its admission of messing up regarding… https://www.virusbulletin.com/blog/2015/02/hacker-group-takes-over-lenovo-s-dns/

Coordinated action takes down Ramnit botnet infrastructure

Malware remains present on infected machines; 2012 Virus Bulletin paper worth studying.
Malware remains present on infected machines; 2012 Virus Bulletin paper worth studying. A coordinated action from Anubisnetworks, Microsoft and Symantec, together with Europol has… https://www.virusbulletin.com/blog/2015/02/coordinated-action-takes-down-ramnit-botnet-infrastructure/

Almost 50% increase in reported vulnerabilities as non-Windows operating systems lead the table

Each discovered vulnerability is actually a good news story.
Each discovered vulnerability is actually a good news story. Last week, security firm GFI published some research in which it looked at the number of vulnerabilities reported last… https://www.virusbulletin.com/blog/2015/02/almost-50-increase-reported-vulnerabilities-non-windows-operating-systems-lead-table/

Vawtrak trojan spread through malicious Office macros

Users easily tricked, but plenty of opportunity for the malware to be blocked.
Users easily tricked, but plenty of opportunity for the malware to be blocked. Researchers at Trend Micro report that the 'Vawtrak' banking trojan now also spreads through Office… https://www.virusbulletin.com/blog/2015/02/vawtrak-trojan-spread-through-malicious-office-macros/

Lenovo laptops pre-installed with software that adds its own root CA certificate

Shared root certificate makes for easy man-in-the-middle attacks.
Shared root certificate makes for easy man-in-the-middle attacks.What is Superfish?Superfish is a product that offers 'Visual Search'. Say, for example, you are looking at cat… https://www.virusbulletin.com/blog/2015/02/lenovo-laptops-pre-installed-software-adds-its-own-root-ca-certificate/

« Previous 1...3233343536...121 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.