VB Blog

VB2017 paper and update: Browser attack points still abused by banking trojans

Posted by Martijn Grooten on Jul 25, 2018

At VB2017, ESET researchers Peter Kálnai and Michal Poslušný looked at how banking malware interacts with browsers. Today we publish their paper, share the video of their presentation, and also publish a guest blog post from Peter, in which he summarises the recent developments in this space.

Posted by Martijn Grooten on Jul 16, 2018

It is likely that, by now, everyone in computer science has at least heard of the Spectre attack, and many excellent explanations of the attack already exist. But what is the likelihood of finding Spectre being exploited on Android smartphones?

Posted by Martijn Grooten on Jul 11, 2018

We are excited to announce several more companies that have partnered with VB2018.

Posted by Martijn Grooten on Jul 10, 2018

A new malware campaign that uses two stolen code-signing certificates shows that such certificates continue to be popular among malware authors. But there is a positive side to malware authors' use of stolen certificates.

Posted by Martijn Grooten on Jul 6, 2018

Though the location will remain under wraps for a few more months, we are pleased to announce the dates for VB2019, the 29th Virus Bulletin International Conference.

Posted by Martijn Grooten on Jul 6, 2018

The operators of the Necurs botnet, best known for being one of the most prolific spam botnets of the past few years, have pushed out updates to its client, which provide some important lessons about why malware infections matter.

Posted by Martijn Grooten on Jul 3, 2018

Virus Bulletin has opened nominations for the fifth annual Péter Szőr Award, for the best piece of technical security research published between 1 July 2017 and 30 June 2018.

Posted by Martijn Grooten on Jul 3, 2018

Security researcher Matt Nelson has discovered how .SettingContent-ms files can be embedded into Office files to deliver malware.

Posted by Martijn Grooten on Jun 26, 2018

The New York Times reports that smart home devices are increasingly used in cases of domestic abuse.

Posted by Martijn Grooten on Jun 25, 2018

If you want to come to VB2018 in Montreal this year (and why wouldn't you?) and want to save a bit on the ticket price (and why wouldn't you?), remember that early bird discounts will be available until 30 June.

Previous1...1920212223...215Next

Search blog

Correction to VBSpam results

Spamhaus and SURBL results re-evaluated.
Spamhaus and SURBL results re-evaluated. The most recent VBSpam results incorrectly stated that SURBL failed to detect a blacklisted URL in any of the emails in the Wombat feed of… https://www.virusbulletin.com/blog/2012/11/correction-vbspam-results/

Virus Bulletin announces VBWeb tests for web filters

Regular comparative tests will show which products offer best protection from malicious web traffic.
Regular comparative tests will show which products offer best protection from malicious web traffic. Just as security companies can't afford to neglect the major infection vector… https://www.virusbulletin.com/blog/2012/11/announces-vbweb-tests-web-filters/

Latest spam filter test shows spam catch rates have bounced back

Spam catch rates improve, but performance on phishing lags behind that on other spam.
Spam catch rates improve, but performance on phishing lags behind that on other spam. Earlier this week we published the results of the 22nd VBSpam comparative spam filter test,… https://www.virusbulletin.com/blog/2012/11/latest-spam-filter-test-shows-spam-catch-rates-have-bounced-back/

Do we need stronger email addresses?

Skype vulnerability allowed for account hijacking using only email address.
Skype vulnerability allowed for account hijacking using only email address. A worryingly trivial vulnerability in VoIP service Skype became public this morning, which allowed… https://www.virusbulletin.com/blog/2012/11/do-we-need-stronger-email-addresses/

November

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2012/11/

November issue of VB published

The November issue of Virus Bulletin is now available for subscribers to download.
The November issue of Virus Bulletin is now available for subscribers to download. The November 2012 issue of Virus Bulletin is now available for subscribers to browse online or… https://www.virusbulletin.com/blog/2012/11/november-issue-vb-published/

FBI agent receives first J.D. Falk award

Thomas X. Grasso praised for starting DNSChanger working group.
Thomas X. Grasso praised for starting DNSChanger working group. The first annual J.D. Falk award has been given to FBI agent Thomas X. Grasso for establishing the DNSChanger… https://www.virusbulletin.com/blog/2012/10/fbi-agent-receives-first-j-d-falk-award/

Weak cryptography keys allow others to add valid DKIM signatures to fake emails

512-bit key cracked within 72 hours.
512-bit key cracked within 72 hours. A Florida-based mathematician has caused a stir in the email community by adding a valid DKIM signature for google.com to an email after… https://www.virusbulletin.com/blog/2012/10/weak-cryptography-keys-allow-others-add-valid-dkim-signatures-fake-emails/

One in ten spam messages contains drive-by download link

80-fold increase in one month.
80-fold increase in one month. I do not think I am unique in that I can recognize (most) phishing pages from a mile away and that I know that, if I ever wanted to buy… https://www.virusbulletin.com/blog/2012/10/one-ten-spam-messages-contains-drive-download-link/

Anti-virus software significantly shortens life of banking trojans

Security software causes malware to run for less than a third as long.
Security software causes malware to run for less than a third as long. 'Does anti-virus software actually help?' is a question often asked, even by security experts - who point to… https://www.virusbulletin.com/blog/2012/10/anti-virus-software-significantly-shortens-life-banking-trojans/

VGrep: the rose revived

Virus Bulletin relaunches anti-malware name matching tool.
Virus Bulletin relaunches anti-malware name matching tool. 'That which we call a rose, By any other name would smell as sweet.' So wrote Shakespeare in Romeo and Juliet. And anyone… https://www.virusbulletin.com/blog/2012/10/vgrep-rose-revived/

October

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2012/10/

October issue of VB published

The October issue of Virus Bulletin is now available for subscribers to download.
The October issue of Virus Bulletin is now available for subscribers to download. The October 2012 issue of Virus Bulletin is now available for subscribers to browse online or… https://www.virusbulletin.com/blog/2012/10/october-issue-vb-published/

Microsoft releases advisory offering workarounds for IE vulnerability

German government advises users to use alternative browser.
German government advises users to use alternative browser.Microsoft has released a security advisory to address the zero-day vulnerability in its Internet Explorer browser that we… https://www.virusbulletin.com/blog/2012/09/microsoft-releases-advisory-offering-workarounds-ie-vulnerability/

Internet Explorer zero-day used in the wild

Dropped PoisonIvy trojan linked to 'Nitro' attacks.
Dropped PoisonIvy trojan linked to 'Nitro' attacks. Security researcher Eric Romang has discovered a new zero-day vulnerability in Internet Explorer that is currently being used in… https://www.virusbulletin.com/blog/2012/09/internet-explorer-zero-day-used-wild/

Air Force Major Abacha Tunde needs your help

419 scam asks you to help release funds to get Nigerian astronaut back to earth.
419 scam asks you to help release funds to get Nigerian astronaut back to earth. A few months ago, Microsoft researcher Cormac Herley published a paper "Why do Nigerian Scammers… https://www.virusbulletin.com/blog/2012/09/air-force-major-abacha-tunde-needs-your-help/

VB2012 last-minute papers announced

Hot topics to be covered at VB conference in Dallas.
Hot topics to be covered at VB conference in Dallas. For the last six years, VB has set aside a section of the VB conference for 'last-minute' papers, the idea being that… https://www.virusbulletin.com/blog/2012/09/last-minute-papers-announced/

Gach do bonn a mbaineann a chur chugainn

Why cybercriminals may have a reason for using Irish language in a ransomware scam.
Why cybercriminals may have a reason for using Irish language in a ransomware scam. According to a story that made the security headlines this weekend, and which seems to orginate… https://www.virusbulletin.com/blog/2012/09/gach-do-bonn-mbaineann-chur-chugainn/

From spear phishing to watering holes

Symantec reports increase in 'watering hole attacks'.
Symantec reports increase in 'watering hole attacks'. Imagine that for some reason you wanted to gain access to my computer. One thing you could do is send me an email with some… https://www.virusbulletin.com/blog/2012/09/spear-phishing-watering-holes/

September issue of VB published

The September issue of Virus Bulletin is now available for subscribers to download.
The September issue of Virus Bulletin is now available for subscribers to download. The September 2012 issue of Virus Bulletin is now available for subscribers to browse online… https://www.virusbulletin.com/blog/2012/09/september-issue-vb-published/

« Previous 1...4748495051...121 Next »