VB Blog

First 11 partners of VB2019 announced

Posted by   Virus Bulletin on   May 15, 2019

We are excited to announce the first 11 companies to partner with VB2019, whose support will help ensure a great event.

Read more  

VB2018 paper: Fake News, Inc.

Posted by   Helen Martin on   Apr 25, 2019

A former reporter by profession, Andrew Brandt's curiosity was piqued when he came across what appeared at first glance to be the website of a small-town newspaper based in Illinois, but under scrutiny, things didn’t add up. At VB2018 he presented a paper in which he shared the results of his investigation of the site. Today, we publish his paper and the recording of his presentation.

Read more  

Paper: Alternative communication channel over NTP

Posted by   Martijn Grooten on   Apr 24, 2019

In a new paper published today, independent researcher Nikolaos Tsapakis writes about the possibilities of malware using NTP as a covert communication channel and how to stop this.

Read more  

VB2019 conference programme announced

Posted by   Martijn Grooten on   Apr 5, 2019

VB is excited to reveal the details of an interesting and diverse programme for VB2019, the 29th Virus Bulletin International Conference, which takes place 2-4 October in London, UK.

Read more  

VB2018 paper: Under the hood - the automotive challenge

Posted by   Martijn Grooten on   Mar 27, 2019

Car hacking has become a hot subject in recent years, and at VB2018 in Montreal, Argus Cyber Security's Inbar Raz presented a paper that provides an introduction to the subject, looking at the complex problem, examples of car hacks, and the challenges ahead. Today, we publish both Inbar's paper and the recording of his presentation.

Read more  

VB2018 paper and video: Android app deobfuscation using static-dynamic cooperation

Posted by   Martijn Grooten on   Mar 20, 2019

Static analysis and dynamic analysis each have their shortcomings as methods for analysing potentially malicious files. Today, we publish a VB2018 paper by Check Point researchers Yoni Moses and Yaniv Mordekhay, in which they describe a method that combines static and dynamic analysis to defeat app obfuscation in Android binaries. We also publish the video of their presentation.

Read more  

VB2019 call for papers closes this weekend

Posted by   Martijn Grooten on   Mar 15, 2019

The call for papers for VB2019 closes on 17 March, and while we've already received many great submissions, we still want more!

Read more  

Registration open for VB2019 ─ book your ticket now!

Posted by   Martijn Grooten on   Mar 13, 2019

Registration for VB2019, the 29th Virus Bulletin International Conference, is now open, with an early bird rate available until 1 July.

Read more  

The VB2019 call for papers is about ... papers

Posted by   Martijn Grooten on   Mar 8, 2019

When we are calling for papers for the Virus Bulletin conference as we are doing now, we really mean a written paper. But don't worry if you've never written a paper - we can help!

Read more  

VB2018 video: Adware is just malware with a legal department - how we reverse engineered OSX/Pirrit, received legal threats, and survived

Posted by   Martijn Grooten on   Mar 8, 2019

Amit Serper first analysed the OSX/Pirrit adware in 2016, highlighting some of its malware-like techniques, and soon afterwards started receiving legal threats from the company behind it. At VB2018 Amit gave a presentation in which he discussed both the adware and the legal threats he received for calling it malware. Today, we publish the video of Amit's presentation.

Read more  
Previous1...1112131415...215Next

Search blog

Detekt tool searches PCs for traces of surveillance spyware

Second opinion essential in circumstances under which likely victims operate.
Second opinion essential in circumstances under which likely victims operate. Last week, the release of the free 'Detekt' tool was announced. Developed by Claudio Guarnieri and… https://www.virusbulletin.com/blog/2014/11/detekt-tool-searches-pcs-traces-surveillance-spyware/

Multi-staged, modular Regin tool enables stealthy surveillance

Nation state likely behind campaign that goes back many years.
Nation state likely behind campaign that goes back many years. Few terms are misused in a security context as often as the term 'advanced', perhaps in part because the industry… https://www.virusbulletin.com/blog/2014/11/multi-staged-modular-regin-tool-enables-stealthy-surveillance/

Botconf 2014 preview

Many VB authors and presenters to speak at second botnet-fighting conference.
Many VB authors and presenters to speak at second botnet-fighting conference. Last year, I attended the first edition of 'Botconf' in the French city of Nantes. I really enjoyed… https://www.virusbulletin.com/blog/2014/11/botconf-2014-preview/

VB2014 paper: Sweeping the IP space: the hunt for evil on the Internet

Dhia Mahjoub explains how the topology of the AS graph can be used to uncover hotspots of maliciousness.
Dhia Mahjoub explains how the topology of the AS graph can be used to uncover hotspots of maliciousness.Over the next few months, we will be sharing VB2014 conference papers as… https://www.virusbulletin.com/blog/2014/11/paper-sweeping-ip-space-hunt-evil-internet/

Report: VB100 comparative review on Windows 8.1

40 out of 48 tested products earn VB100 award.
40 out of 48 tested products earn VB100 award. If you follow the security news, you may believe that all you have to worry about are nation states using zero-day vulnerabilities to… https://www.virusbulletin.com/blog/2014/11/report-comparative-review-windows-8-1/

Out-of-band patch released for all Windows versions

Kerberos bug means one set of credentials suffices to rule them all.
Kerberos bug means one set of credentials suffices to rule them all. If you are a Windows systems administrator, the content of this blog post will (hopefully) not come as a… https://www.virusbulletin.com/blog/2014/11/out-band-patch-released-all-windows-versions/

VB2014 paper: Optimized mal-ops. Hack the ad network like a boss

Why buying ad space makes perfect sense for those wanting to spread malware.
Why buying ad space makes perfect sense for those wanting to spread malware.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the… https://www.virusbulletin.com/blog/2014/11/paper-optimized-mal-ops-hack-ad-network-boss/

Book review: Bulletproof SSL and TLS

Must-read for anyone working with one of the Internet's most important protocols.
Must-read for anyone working with one of the Internet's most important protocols. I was reading Ivan Ristić's book Bulletproof SSL and TLS when rumours started to appear about an… https://www.virusbulletin.com/blog/2014/11/book-review-bulletproof-ssl-and-tls/

VB2014 paper: Bootkits: past, present & future

Despite better defences, the era of bootkits is certainly not behind us.
Despite better defences, the era of bootkits is certainly not behind us.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the… https://www.virusbulletin.com/blog/2014/11/paper-bootkits-past-present-amp-future/

Stuxnet infected Natanz plant via carefully selected targets rather than escape from it

Five initial victims of infamous worm named.
Five initial victims of infamous worm named. Today, as Wired journalist Kim Zetter publishes her book Countdown to Zero Day on Stuxnet, researchers from Kaspersky and Symantec… https://www.virusbulletin.com/blog/2014/11/stuxnet-infected-natanz-plant-carefully-selected-targets-rather-escape-it/

VB2014 paper: Apple without a shell - iOS under targeted attack

Developer Enterprise Program recently found to be used by WireLurker.
Developer Enterprise Program recently found to be used by WireLurker.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the… https://www.virusbulletin.com/blog/2014/11/paper-apple-without-shell-ios-under-targeted-attack/

VB2014 video: Attack points in health apps & wearable devices - how safe is your quantified self?

Health apps and wearable devices found to make many basic security mistakes.
Health apps and wearable devices found to make many basic security mistakes. "I know a lot of you have a Fitbit device." The geeks attending VB conferences tend to like their… https://www.virusbulletin.com/blog/2014/11/video-attack-points-health-apps-amp-wearable-devices-how-safe-your-quantified-self/

Macro malware on the rise again

Users taught that having to enable enhanced security features is no big deal.
Users taught that having to enable enhanced security features is no big deal. When I joined Virus Bulletin almost eight years ago, macro viruses were already a thing of the past,… https://www.virusbulletin.com/blog/2014/11/macro-malware-rise-again/

VB2014 paper: DMARC - how to use it to improve your email reputation

Terry Zink presents case study in which he describes setting a DMARC policy for Microsoft.
Terry Zink presents case study in which he describes setting a DMARC policy for Microsoft.Over the next few months, we will be sharing VB2014 conference papers as well as video… https://www.virusbulletin.com/blog/2014/11/paper-dmarc-how-use-it-improve-your-email-reputation/

WireLurker malware infects iOS devices through OS X

Non-jailbroken devices infected via enterprise provisioning program.
Non-jailbroken devices infected via enterprise provisioning program. Researchers at Palo Alto Networks have published a research paper (PDF) analysing the 'WireLurker' malware that… https://www.virusbulletin.com/blog/2014/11/wirelurker-malware-infects-ios-devices-through-os-x/

VB2014 Paper: Well, that escalated quickly. From penny-stealing malware to multi-million-dollar heists, a quick overview of the Bitcoin bonanza in the digital era

Santiago Pontiroli takes us on a rollercoaster ride through cryptocurrency land.
Santiago Pontiroli takes us on a rollercoaster ride through cryptocurrency land.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of… https://www.virusbulletin.com/blog/2014/11/paper-well-escalated-quickly-penny-stealing-malware-multi-million-dollar-heists-quick-overview-bitcoin-bonanza-digital-era/

November

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2014/11/

The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned

Malicious apps may have more privileges than security software.
Malicious apps may have more privileges than security software. There are many people without whom a Virus Bulletin conference wouldn't be possible: the VB team, the crew from Cue… https://www.virusbulletin.com/blog/2014/10/presentation-you-never-saw-early-launch-android-malware-your-phone-0wned/

CVE-2012-0158 continues to be used in targeted attacks

30-month old vulnerability still a popular way to infect systems.
30-month old vulnerability still a popular way to infect systems. If all you have to worry about are zero-day vulnerabilities, you have got things pretty well sorted. Although it… https://www.virusbulletin.com/blog/2014/10/cve-2012-0158-continues-be-used-targeted-attacks/

Paper: Invading the core: iWorm's infection vector and persistence mechanism

Malware spreads through infected torrent, then maintains persistence on the system.
Malware spreads through infected torrent, then maintains persistence on the system. A month ago, security firm Dr.Web reported it had discovered a new malware variant targeting Mac… https://www.virusbulletin.com/blog/2014/10/paper-invading-core-iworm-s-infection-vector-and-persistence-mechanism/

« Previous 1...3536373839...121 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.