VB Blog

We are more ready for IPv6 email than we may think

Posted by   Martijn Grooten on   Jun 21, 2018

Though IPv6 is gradually replacing IPv4 on the Internet's network layer, email is lagging behind, the difficulty in blocking spam sent over IPv6 cited as a reason not to move. But would we really have such a hard time blocking spam sent over IPv6?

Read more  

Subtle change could see a reduction in installation of malicious Chrome extensions

Posted by   Martijn Grooten on   Jun 13, 2018

Google has made a subtle change to its Chrome browser, banning the inline installation of new extensions, thus making it harder for malware authors to trick users into unwittingly installing malicious extensions.

Read more  

Paper: EternalBlue: a prominent threat actor of 2017–2018

Posted by   Martijn Grooten on   Jun 11, 2018

We publish a paper by researchers from Quick Heal Security Labs in India, who study the EternalBlue and DoublePulsar exploits in full detail.

Read more  

'North Korea' a hot subject among VB2018 talks

Posted by   Virus Bulletin on   Jun 1, 2018

Several VB2018 papers deal explicitly or implicitly with threats that have been attributed to North Korean actors.

Read more  

Expired domain led to SpamCannibal's blacklist eating the whole world

Posted by   Martijn Grooten on   May 31, 2018

The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it effectively listing every single IP address.

Read more  

MnuBot banking trojan communicates via SQL server

Posted by   Martijn Grooten on   May 30, 2018

Researchers at IBM X-Force have discovered MnuBot, a banking trojan targeting users in Brazil, which is noteworthy for using SQL Server for command and control communication.

Read more  

Throwback Thursday: Giving the EICAR test file some teeth

Posted by   Martijn Grooten on   May 24, 2018

The 68-byte EICAR test file plays as important a role today as it did 19 years ago. In this week's Throwback Thursday we look back at a VB99 conference paper in which Randy Abrams described how this 'miracle tool' worked and how it could be used.

Read more  

XMRig used in new macOS cryptominer

Posted by   Martijn Grooten on   May 23, 2018

A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.

Read more  

Tendency for DDoS attacks to become less volumetric fits in a wider trend

Posted by   Martijn Grooten on   May 22, 2018

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.

Read more  

Turkish Twitter users targeted with mobile FinFisher spyware

Posted by   Martijn Grooten on   May 15, 2018

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.

Read more  
Previous1...2021222324...215Next

Search blog

Compromised Yahoo! accounts continue to spread Android malware

Problem likely to be on Yahoo!'s side.
Problem likely to be on Yahoo!'s side. In recent weeks, we have noticed an uptick in the amount of spam sent from compromised Yahoo! accounts; we have reasons to believe the… https://www.virusbulletin.com/blog/2013/06/compromised-yahoo-accounts-continue-spread-android-malware/

VB2013 speaker spotlight

We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference.
We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference. The VB2013 conference takes place this autumn… https://www.virusbulletin.com/blog/2013/06/speaker-spotlight-harley-myers/

Facebook temporarily blocks access from Tor

Malicious activity triggered automatic lockdown.
Malicious activity triggered automatic lockdown. A 'high volume of malicious activity across Tor exit nodes' is believed to have been the reason why Facebook temporarily blocked… https://www.virusbulletin.com/blog/2013/06/facebook-temporarily-blocks-access-tor/

AV Test releases Android test data

30 mobile solutions tested for malware protection and speed hit.
30 mobile solutions tested for malware protection and speed hit. Independent test organization AV-Test has released its latest report, covering the Andriod platform. This major… https://www.virusbulletin.com/blog/2013/06/av-test-releases-android-test-data/

Latest VBSpam tests show web host spam harder to block

Most filters see a small increase in their catch rates overall.
Most filters see a small increase in their catch rates overall. The results of VB's latest spam filter test show that the spam sent from web hosts is significantly harder to block… https://www.virusbulletin.com/blog/2013/06/latest-vbspam-tests-show-web-host-spam-harder-block/

AMTSO unveils product setup check tools

Set of checks can show if your security is properly configured and operational.
Set of checks can show if your security is properly configured and operational. Today AMTSO officially released its 'Feature settings check' solutions, a set of simple tools to… https://www.virusbulletin.com/blog/2013/06/amtso-unveils-product-setup-check-tools/

June issue of VB published

The June issue of Virus Bulletin is now available for subscribers to download.
The June issue of Virus Bulletin is now available for subscribers to download. The June 2013 issue of Virus Bulletin is now available for subscribers to browse online or download… https://www.virusbulletin.com/blog/2013/06/june-issue-vb-published/

June

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2013/06/

US lifts ban on anti-virus software for Iran

Eased restrictions welcomed by security experts.
Eased restrictions welcomed by security experts. The United States has announced it has eased export restrictions to Iran, and now allows for the export of mobile phones and… https://www.virusbulletin.com/blog/2013/05/us-lifts-ban-anti-virus-software-iran/

Ruby on Rails vulnerability exploited in the wild

Code executed on web servers to cause them to join IRC botnet.
Code executed on web servers to cause them to join IRC botnet. A critical vulnerability in Ruby on Rails is currently being exploited to make web servers join an IRC botnet, Ars… https://www.virusbulletin.com/blog/2013/05/ruby-rails-vulnerability-exploited-wild/

Latest AV-Test results released

New round of figures compare products to Microsoft baselines.
New round of figures compare products to Microsoft baselines. Independent test organization AV-Test has released its latest bimonthly report, covering 26 consumer products and nine… https://www.virusbulletin.com/blog/2013/05/latest-av-test-results-released/

Symantec quietly retires PC Tools security product lines

Sales of Spyware Doctor and other security products end, support to continue for existing users.
Sales of Spyware Doctor and other security products end, support to continue for existing users.Symantec has quietly announced the end of life the of PC Tools security product… https://www.virusbulletin.com/blog/2013/05/symantec-quietly-retires-pc-tools-security-product-lines/

Dutch citizens keep extra cash at hand following DDoS attacks

Month-long attacks had significant impact.
Month-long attacks had significant impact. 25% of Dutch citizens have followed advice to keep extra cash at home, following a recent spate of DDoS attacks on Dutch banks. At the… https://www.virusbulletin.com/blog/2013/05/dutch-citizens-keep-extra-cash-hand-following-ddos-attacks/

India believed to be source of sophisticated surveillance campaigns

In-depth investigations find widespread worldwide snooping, Pakistan primary target.
In-depth investigations find widespread worldwide snooping, Pakistan primary target. Several reports have emerged recently covering a highly organised campaign of targeted… https://www.virusbulletin.com/blog/2013/05/india-believed-be-source-sophisticated-surveillance-campaigns/

German anti-botnet advisory recommends the use of ad blockers for security

'If websites want to include ads, they must make sure they are secure.'
'If websites want to include ads, they must make sure they are secure.' In an open letter to several prominent German websites, Botfrei, the German anti-botnet advisory centre, has… https://www.virusbulletin.com/blog/2013/05/german-anti-botnet-advisory-recommends-use-ad-blockers-security/

Commoditization increasingly seen in mobile malware

Number of malicious samples and families increase, as Android remains most popular mobile platform.
Number of malicious samples and families increase, as Android remains most popular mobile platform. As the number of mobile malware samples in existence continues to grow faster… https://www.virusbulletin.com/blog/2013/05/commoditization-increasingly-seen-mobile-malware/

Program turns anti-analysis tools against the malware

Users cautioned to be wary of a false sense of security.
Users cautioned to be wary of a false sense of security. Could you defeat VM-aware malware by making your system aware of VM-aware malware? Tricks to frustrate researchers and… https://www.virusbulletin.com/blog/2013/05/program-turns-anti-analysis-tools-against-malware/

Microsoft 'found to make requests' to URLs shared via Skype

HEAD requests likely used to determine landing page.
HEAD requests likely used to determine landing page. Is Microsoft checking all the links you share via Skype? German online magazine Heise thinks so. A reader of security magazine… https://www.virusbulletin.com/blog/2013/05/microsoft-found-make-requests-urls-shared-skype/

Twitter, Facebook accounts used in watering hole campaign

USAID sympathizers targeted with links from 'like-minded people'.
USAID sympathizers targeted with links from 'like-minded people'. Two social networking accounts have been discovered that were used in a recent targeted attack. Opinions on… https://www.virusbulletin.com/blog/2013/05/twitter-facebook-accounts-used-watering-hole-campaign/

Microsoft offers fix-it for IE 8 zero-day

CVE-2013-1347 used in watering hole attacks.
CVE-2013-1347 used in watering hole attacks. Following this weekend's discovery of a new zero-day vulnerability in version 8 of Microsoft's Internet Explorer browser, the company… https://www.virusbulletin.com/blog/2013/05/microsoft-offers-fix-it-ie-8-zero-day/

« Previous 1...4445464748...121 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.