VB Blog

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

Posted by   Martijn Grooten on   Jan 16, 2018

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Read more  

Alleged author of creepy FruitFly macOS malware arrested

Posted by   Martijn Grooten on   Jan 11, 2018

A 28-year old man from Ohio has been arrested on suspicion of having created the mysterious FruitFly malware that targeted macOS and used it to spy on its victims.

Read more  

The threat and security product landscape in 2017

Posted by   Martijn Grooten on   Jan 10, 2018

At the start of the new year, Virus Bulletin looks back at the threats seen in the 2017 and at the security products that are available to help mitigate them.

Read more  

Spamhaus report shows many botnet controllers look a lot like legitimate servers

Posted by   Martijn Grooten on   Jan 9, 2018

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.

Read more  

Tips on researching tech support scams

Posted by   Martijn Grooten on   Jan 5, 2018

As tech support scammers continue to target the computer illiterate through cold calling, VB's Martijn Grooten uses his own experience to share some advice on how to investigate such scams.

Read more  

Meltdown and Spectre attacks mitigated by operating system updates

Posted by   Martijn Grooten on   Jan 4, 2018

Just four days into the new year, two serious attacks in modern processors, dubbed Meltdown and Spectre, have been discovered. The attacks can be mitigated by patches to the operating system, but anti-virus software vendors need to make sure their products are compatible with the patches.

Read more  

Conference review: AVAR 2017

Posted by   Martijn Grooten on   Dec 22, 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.

Read more  

Conference review: Botconf 2017

Posted by   Virus Bulletin on   Dec 22, 2017

Virus Bulletin researchers report back from a very interesting fifth edition of Botconf, the botnet fighting conference.

Read more  

VB2017 videos on attacks against Ukraine

Posted by   Martijn Grooten on   Dec 21, 2017

(In)security is a global issue that affects countries around the world, but in recent years none has been so badly hit as Ukraine. Today, we publish the videos of two VB2017 talks about attacks that hit Ukraine particularly badly: a talk by Alexander Adamov (NioGuard) on (Not)Petya and related attacks, and another by Robert Lipovsky and Anton Cherepanov (ESET) on Industroyer.

Read more  

Facebook helps you determine whether emails really came from its servers

Posted by   Martijn Grooten on   Dec 21, 2017

On its website, Facebook now shows which emails it has sent you recently, thus helping you to determine which emails are real, and which should be discarded as phishing.

Read more  
Previous1...2526272829...215Next

Search blog

Google relaxes disclosure policy following criticism

Grace period added for vulnerabilities that are about to be patched.
Grace period added for vulnerabilities that are about to be patched. Last year, Google announced a new disclosure policy, where details of a vulnerability discovered by the… https://www.virusbulletin.com/blog/2015/02/google-relaxes-disclosure-policy-following-criticism/

VB2014 video: .NET malware dynamic instrumentation for automated and manual analysis

Hexiang Hu used tool to detect Bladabindi backdoor.
Hexiang Hu used tool to detect Bladabindi backdoor. The .NET framework is a popular way to write software. As applications built with the framework compile into a Common… https://www.virusbulletin.com/blog/2015/02/video-net-malware-dynamic-instrumentation-automated-and-manual-analysis/

Facebook launches platform for sharing of threat intelligence

Twitter, Yahoo! amongst early participants in 'ThreatExchange'.
Twitter, Yahoo! amongst early participants in 'ThreatExchange'. When I took my first steps in the security industry, I was surprised by just how much information was shared between… https://www.virusbulletin.com/blog/2015/02/facebook-launches-platform-sharing-threat-intelligence/

VirusTotal project aims to remediate false positives

Security vendors to receive alerts when legitimate files are detected as malicious.
Security vendors to receive alerts when legitimate files are detected as malicious.False positives are a huge problem for the IT industry in general and for security products in… https://www.virusbulletin.com/blog/2015/02/virustotal-project-aims-remediate-false-positives/

VB2014 paper: P0wned by a barcode: stealing money from offline users

Fabio Assolini explains how cybercriminals are targeting boletos.
Fabio Assolini explains how cybercriminals are targeting boletos.Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014 conference papers as… https://www.virusbulletin.com/blog/2015/02/paper-p0wned-barcode-stealing-money-offline-users/

Adobe issues patch for yet another Flash Player zero-day

CVE-2015-0313 used in the wild as long ago as December.
CVE-2015-0313 used in the wild as long ago as December. Adobe has just issued an out-of-band patch for its Flash Player to fix a zero-day vulnerability that is actively being… https://www.virusbulletin.com/blog/2015/02/adobe-issues-patch-yet-another-flash-player-zero-day/

VB2014 paper: We know it before you do: predicting malicious domains

Wei Xu and his colleagues attempt to block domains before they're used for bad purposes.
Wei Xu and his colleagues attempt to block domains before they're used for bad purposes.Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014… https://www.virusbulletin.com/blog/2015/02/paper-we-know-it-you-do-predicting-malicious-domains/

Praise for the unsung heroes of email

Many decent performances in VB's latest comparative spam filter test.
Many decent performances in VB's latest comparative spam filter test. A decade ago, there were optimists who thought that the spam problem would soon be eradicated. At the same… https://www.virusbulletin.com/blog/2015/02/praise-unsung-heroes-email/

Low VirusTotal detection rates for new malware, do they matter?

It is not as important as is often suggested — and doesn't mean the malware is allowed to execute.
It is not as important as is often suggested — and doesn't mean the malware is allowed to execute. It is fairly common these days for security researchers to write about new… https://www.virusbulletin.com/blog/2015/02/low-virustotal-detection-rates-new-malware-do-they-matter/

'RansomWeb' ransomware targets companies' databases

Encryption first added as a patch, key only removed when all backups are encrypted.
Encryption first added as a patch, key only removed when all backups are encrypted. Make backups, they said. Then you won't have to worry about ransomware, they said. Ransomware… https://www.virusbulletin.com/blog/2015/02/ransomweb-ransomware-targets-companies-databases/

From roadie to security rock star: it can happen

To break into security, start by getting a job in the industry.
To break into security, start by getting a job in the industry. You don't have to be a regular reader of this blog to know that computer security is very important in our… https://www.virusbulletin.com/blog/2015/02/roadie-security-rock-star-it-can-happen/

February

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/02/

Frequently asked questions about VB2015 conference submissions

No, it doesn't have to be about malware and no, it doesn't have to be deeply technical either!
No, it doesn't have to be about malware and no, it doesn't have to be deeply technical either! Last month, we opened the call for papers for VB2015, the 25th Virus Bulletin… https://www.virusbulletin.com/blog/2015/01/frequently-asked-questions-about-conference-submissions/

VB2014 paper: Ubiquitous Flash, ubiquitous exploits and ubiquitous mitigation

Chun Feng and Elia Florio analyse two Flash Player vulnerabilities and an IE one where Flash provides a helping hand.
Chun Feng and Elia Florio analyse two Flash Player vulnerabilities and an IE one where Flash provides a helping hand.Since the close of the VB2014 conference in Seattle in October,… https://www.virusbulletin.com/blog/2015/01/paper-ubiquitous-flash-ubiquitous-exploits-and-ubiquitous-mitigation/

Linux systems affected by 'GHOST' vulnerability

Proof-of-concept email gives remote access to Exim mail server.
Proof-of-concept email gives remote access to Exim mail server. If you administer Linux-based systems, you'd better schedule some time for patching, as a serious buffer overflow… https://www.virusbulletin.com/blog/2015/01/linux-systems-affected-ghost-vulnerability/

VB2014 paper: Design to discover: security analytics with 3D visualization engine

Thibault Reuille and Dhia Mahjoub use DNS data to look for clusters of malicious domains.
Thibault Reuille and Dhia Mahjoub use DNS data to look for clusters of malicious domains.Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014… https://www.virusbulletin.com/blog/2015/01/paper-design-discover-security-analytics-3d-visualization-engine/

Adobe to patch Flash Player zero-day next week

Patch due next week as malvertising leads to Bedep trojan downloader.
Patch due next week as malvertising leads to Bedep trojan downloader. As the news of a zero-day vulnerability in Adobe's Flash Player actively being exploited reached the security… https://www.virusbulletin.com/blog/2015/01/adobe-patch-flash-player-zero-day-next-week/

Alleged Flash Player zero-day used in Angler exploit kit

Adobe 'investigating reports'.
Adobe 'investigating reports'.Vulnerable browser plug-ins are one of the most important infection vectors, which is why it is so important to keep them up to date. If you don't,… https://www.virusbulletin.com/blog/2015/01/alleged-flash-player-zero-day-used-angler-exploit-kit/

Research paper profiles victims of targeted attacks

Large organisations working in national security and international affairs run highest risk.
Large organisations working in national security and international affairs run highest risk. Anyone can be a target of cybercriminal attacks these days. But some are bigger targets… https://www.virusbulletin.com/blog/2015/01/research-paper-profiles-victims-targeted-attacks/

Paper: Nesting doll: unwrapping Vawtrak

Raul Alvarez unwraps the many layers of an increasingly prevalent banking trojan.
Raul Alvarez unwraps the many layers of an increasingly prevalent banking trojan. Banking trojans remain one of the most prevalent kinds of malware. Among them, trojans based on… https://www.virusbulletin.com/blog/2015/01/paper-nesting-doll-unwrapping-vawtrak/

« Previous 1...3334353637...121 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.