VB Blog

Paper: How It Works: Steganography Hides Malware in Image Files

Posted by   Martijn Grooten on   Apr 28, 2016

A new paper by CYREN researcher Lordian Mosuela takes a close look at Gatak, or Stegoloader, a piece of malware that was discovered last year and that is controlled via malicious code embedded in a PNG image, a technique known as steganography.

Read more  

Paying a malware ransom is bad, but telling people never to do it is unhelpful advice

Posted by   Martijn Grooten on   Apr 26, 2016

The current ransomware plague is one of the worst threats the Internet has seen and it is unlikely to go away any time soon. But telling people to never pay the ransom is unhelpful advice.

Read more  

VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers

Posted by   Martijn Grooten on   Apr 22, 2016

In his VB2015 paper, Martin Korman presented his 'VolatilyBot' tool, which extracts malicious code from packed binaries, leveraging the functionality of the Volatility Framework.

Read more  

VB2016 programme announced, registration opened

Posted by   Martijn Grooten on   Apr 21, 2016

We have announced 37 papers (and four reserve papers) that will be presented at VB2016 in Denver, Colorado, USA in October. Registration for the conference has opened; make sure you register before 1 July to benefit from a 10% early bird discount.

Read more  

New tool helps ransomware victims indentify the malware family

Posted by   Martijn Grooten on   Apr 15, 2016

The people behind the MalwareHunterTeam have released a tool that helps victims of ransomware identify which of more than 50 families has infected their system, something which could help them find a tool to decrypt their files.

Read more  

It's fine for vulnerabilities to have names — we just need not to take them too seriously

Posted by   Martijn Grooten on   Apr 13, 2016

The PR campaign around the Badlock vulnerability backfired when it turned out that the vulnerability wasn't as serious as had been suggested. But naming vulnerabilities can actually be helpful and certainly shouldn't hurt.

Read more  

Throwback Thursday: The Number of the Beasts

Posted by   Helen Martin on   Apr 7, 2016

The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, recording the number of incidents of each virus reported to VB in the preceding month. In August 2000, Denis Zenkin, a self-confessed virus prevalence table junkie, shared his findings following a study of the virus prevalence tables over the preceding few years, allowing him to determine the top ten viruses of the period, the top viruses by type and the viruses of the year.

Read more  

Paper: All Your Meetings Are Belong to Us: Remote Code Execution in Apache OpenMeetings

Posted by   Martijn Grooten on   Mar 30, 2016

Security researcher Andreas Lindh recently found a vulnerability in Apache OpenMeetings that could allow remote code execution on a vulnerable server. Andreas reported the vulnerability to the OpenMeetings developers and, once it had been patched, he wrote up the details.

Read more  

Throwback Thursday: 'In the Beginning was the Word...'

Posted by   Helen Martin on   Mar 24, 2016

Word and Excel’s internal file formats used to be something in which few were interested – until macro viruses came along and changed all that. In 1996, Andrew Krukov provided an overview of the new breed of viruses.

Read more  

VB2016 Call for Papers Deadline

Posted by   Martijn Grooten on   Mar 18, 2016

You have until the early hours (GMT) of Monday 21 March to submit an abstract for VB2016! The VB2016 programme will be announced in the first week of April.

Read more  
Previous1...4445464748...215Next

Search blog

Compromised Yahoo! accounts continue to spread Android malware

Problem likely to be on Yahoo!'s side.
Problem likely to be on Yahoo!'s side. In recent weeks, we have noticed an uptick in the amount of spam sent from compromised Yahoo! accounts; we have reasons to believe the… https://www.virusbulletin.com/blog/2013/06/compromised-yahoo-accounts-continue-spread-android-malware/

VB2013 speaker spotlight

We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference.
We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference. The VB2013 conference takes place this autumn… https://www.virusbulletin.com/blog/2013/06/speaker-spotlight-harley-myers/

Facebook temporarily blocks access from Tor

Malicious activity triggered automatic lockdown.
Malicious activity triggered automatic lockdown. A 'high volume of malicious activity across Tor exit nodes' is believed to have been the reason why Facebook temporarily blocked… https://www.virusbulletin.com/blog/2013/06/facebook-temporarily-blocks-access-tor/

AV Test releases Android test data

30 mobile solutions tested for malware protection and speed hit.
30 mobile solutions tested for malware protection and speed hit. Independent test organization AV-Test has released its latest report, covering the Andriod platform. This major… https://www.virusbulletin.com/blog/2013/06/av-test-releases-android-test-data/

Latest VBSpam tests show web host spam harder to block

Most filters see a small increase in their catch rates overall.
Most filters see a small increase in their catch rates overall. The results of VB's latest spam filter test show that the spam sent from web hosts is significantly harder to block… https://www.virusbulletin.com/blog/2013/06/latest-vbspam-tests-show-web-host-spam-harder-block/

AMTSO unveils product setup check tools

Set of checks can show if your security is properly configured and operational.
Set of checks can show if your security is properly configured and operational. Today AMTSO officially released its 'Feature settings check' solutions, a set of simple tools to… https://www.virusbulletin.com/blog/2013/06/amtso-unveils-product-setup-check-tools/

June

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2013/06/

June issue of VB published

The June issue of Virus Bulletin is now available for subscribers to download.
The June issue of Virus Bulletin is now available for subscribers to download. The June 2013 issue of Virus Bulletin is now available for subscribers to browse online or download… https://www.virusbulletin.com/blog/2013/06/june-issue-vb-published/

US lifts ban on anti-virus software for Iran

Eased restrictions welcomed by security experts.
Eased restrictions welcomed by security experts. The United States has announced it has eased export restrictions to Iran, and now allows for the export of mobile phones and… https://www.virusbulletin.com/blog/2013/05/us-lifts-ban-anti-virus-software-iran/

Ruby on Rails vulnerability exploited in the wild

Code executed on web servers to cause them to join IRC botnet.
Code executed on web servers to cause them to join IRC botnet. A critical vulnerability in Ruby on Rails is currently being exploited to make web servers join an IRC botnet, Ars… https://www.virusbulletin.com/blog/2013/05/ruby-rails-vulnerability-exploited-wild/

Latest AV-Test results released

New round of figures compare products to Microsoft baselines.
New round of figures compare products to Microsoft baselines. Independent test organization AV-Test has released its latest bimonthly report, covering 26 consumer products and nine… https://www.virusbulletin.com/blog/2013/05/latest-av-test-results-released/

Symantec quietly retires PC Tools security product lines

Sales of Spyware Doctor and other security products end, support to continue for existing users.
Sales of Spyware Doctor and other security products end, support to continue for existing users.Symantec has quietly announced the end of life the of PC Tools security product… https://www.virusbulletin.com/blog/2013/05/symantec-quietly-retires-pc-tools-security-product-lines/

Dutch citizens keep extra cash at hand following DDoS attacks

Month-long attacks had significant impact.
Month-long attacks had significant impact. 25% of Dutch citizens have followed advice to keep extra cash at home, following a recent spate of DDoS attacks on Dutch banks. At the… https://www.virusbulletin.com/blog/2013/05/dutch-citizens-keep-extra-cash-hand-following-ddos-attacks/

India believed to be source of sophisticated surveillance campaigns

In-depth investigations find widespread worldwide snooping, Pakistan primary target.
In-depth investigations find widespread worldwide snooping, Pakistan primary target. Several reports have emerged recently covering a highly organised campaign of targeted… https://www.virusbulletin.com/blog/2013/05/india-believed-be-source-sophisticated-surveillance-campaigns/

German anti-botnet advisory recommends the use of ad blockers for security

'If websites want to include ads, they must make sure they are secure.'
'If websites want to include ads, they must make sure they are secure.' In an open letter to several prominent German websites, Botfrei, the German anti-botnet advisory centre, has… https://www.virusbulletin.com/blog/2013/05/german-anti-botnet-advisory-recommends-use-ad-blockers-security/

Commoditization increasingly seen in mobile malware

Number of malicious samples and families increase, as Android remains most popular mobile platform.
Number of malicious samples and families increase, as Android remains most popular mobile platform. As the number of mobile malware samples in existence continues to grow faster… https://www.virusbulletin.com/blog/2013/05/commoditization-increasingly-seen-mobile-malware/

Microsoft 'found to make requests' to URLs shared via Skype

HEAD requests likely used to determine landing page.
HEAD requests likely used to determine landing page. Is Microsoft checking all the links you share via Skype? German online magazine Heise thinks so. A reader of security magazine… https://www.virusbulletin.com/blog/2013/05/microsoft-found-make-requests-urls-shared-skype/

Program turns anti-analysis tools against the malware

Users cautioned to be wary of a false sense of security.
Users cautioned to be wary of a false sense of security. Could you defeat VM-aware malware by making your system aware of VM-aware malware? Tricks to frustrate researchers and… https://www.virusbulletin.com/blog/2013/05/program-turns-anti-analysis-tools-against-malware/

Twitter, Facebook accounts used in watering hole campaign

USAID sympathizers targeted with links from 'like-minded people'.
USAID sympathizers targeted with links from 'like-minded people'. Two social networking accounts have been discovered that were used in a recent targeted attack. Opinions on… https://www.virusbulletin.com/blog/2013/05/twitter-facebook-accounts-used-watering-hole-campaign/

Microsoft offers fix-it for IE 8 zero-day

CVE-2013-1347 used in watering hole attacks.
CVE-2013-1347 used in watering hole attacks. Following this weekend's discovery of a new zero-day vulnerability in version 8 of Microsoft's Internet Explorer browser, the company… https://www.virusbulletin.com/blog/2013/05/microsoft-offers-fix-it-ie-8-zero-day/

« Previous 1...4445464748...121 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.