VB Blog

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by Martijn Grooten on Nov 29, 2017

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Posted by Martijn Grooten on Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Posted by Martijn Grooten on Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Posted by Martijn Grooten on Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Posted by Martijn Grooten on Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Posted by Martijn Grooten on Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Posted by Martijn Grooten on Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Posted by Martijn Grooten on Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Posted by Martijn Grooten on Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Previous1...2728293031...215Next

Search blog

Virus Bulletin announces VBWeb tests for web filters

Regular comparative tests will show which products offer best protection from malicious web traffic.
Regular comparative tests will show which products offer best protection from malicious web traffic. Just as security companies can't afford to neglect the major infection vector… https://www.virusbulletin.com/blog/2012/11/announces-vbweb-tests-web-filters/

Correction to VBSpam results

Spamhaus and SURBL results re-evaluated.
Spamhaus and SURBL results re-evaluated. The most recent VBSpam results incorrectly stated that SURBL failed to detect a blacklisted URL in any of the emails in the Wombat feed of… https://www.virusbulletin.com/blog/2012/11/correction-vbspam-results/

Latest spam filter test shows spam catch rates have bounced back

Spam catch rates improve, but performance on phishing lags behind that on other spam.
Spam catch rates improve, but performance on phishing lags behind that on other spam. Earlier this week we published the results of the 22nd VBSpam comparative spam filter test,… https://www.virusbulletin.com/blog/2012/11/latest-spam-filter-test-shows-spam-catch-rates-have-bounced-back/

Do we need stronger email addresses?

Skype vulnerability allowed for account hijacking using only email address.
Skype vulnerability allowed for account hijacking using only email address. A worryingly trivial vulnerability in VoIP service Skype became public this morning, which allowed… https://www.virusbulletin.com/blog/2012/11/do-we-need-stronger-email-addresses/

November

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2012/11/

November issue of VB published

The November issue of Virus Bulletin is now available for subscribers to download.
The November issue of Virus Bulletin is now available for subscribers to download. The November 2012 issue of Virus Bulletin is now available for subscribers to browse online or… https://www.virusbulletin.com/blog/2012/11/november-issue-vb-published/

FBI agent receives first J.D. Falk award

Thomas X. Grasso praised for starting DNSChanger working group.
Thomas X. Grasso praised for starting DNSChanger working group. The first annual J.D. Falk award has been given to FBI agent Thomas X. Grasso for establishing the DNSChanger… https://www.virusbulletin.com/blog/2012/10/fbi-agent-receives-first-j-d-falk-award/

Weak cryptography keys allow others to add valid DKIM signatures to fake emails

512-bit key cracked within 72 hours.
512-bit key cracked within 72 hours. A Florida-based mathematician has caused a stir in the email community by adding a valid DKIM signature for google.com to an email after… https://www.virusbulletin.com/blog/2012/10/weak-cryptography-keys-allow-others-add-valid-dkim-signatures-fake-emails/

Anti-virus software significantly shortens life of banking trojans

Security software causes malware to run for less than a third as long.
Security software causes malware to run for less than a third as long. 'Does anti-virus software actually help?' is a question often asked, even by security experts - who point to… https://www.virusbulletin.com/blog/2012/10/anti-virus-software-significantly-shortens-life-banking-trojans/

One in ten spam messages contains drive-by download link

80-fold increase in one month.
80-fold increase in one month. I do not think I am unique in that I can recognize (most) phishing pages from a mile away and that I know that, if I ever wanted to buy… https://www.virusbulletin.com/blog/2012/10/one-ten-spam-messages-contains-drive-download-link/

VGrep: the rose revived

Virus Bulletin relaunches anti-malware name matching tool.
Virus Bulletin relaunches anti-malware name matching tool. 'That which we call a rose, By any other name would smell as sweet.' So wrote Shakespeare in Romeo and Juliet. And anyone… https://www.virusbulletin.com/blog/2012/10/vgrep-rose-revived/

October

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2012/10/

October issue of VB published

The October issue of Virus Bulletin is now available for subscribers to download.
The October issue of Virus Bulletin is now available for subscribers to download. The October 2012 issue of Virus Bulletin is now available for subscribers to browse online or… https://www.virusbulletin.com/blog/2012/10/october-issue-vb-published/

Microsoft releases advisory offering workarounds for IE vulnerability

German government advises users to use alternative browser.
German government advises users to use alternative browser.Microsoft has released a security advisory to address the zero-day vulnerability in its Internet Explorer browser that we… https://www.virusbulletin.com/blog/2012/09/microsoft-releases-advisory-offering-workarounds-ie-vulnerability/

Internet Explorer zero-day used in the wild

Dropped PoisonIvy trojan linked to 'Nitro' attacks.
Dropped PoisonIvy trojan linked to 'Nitro' attacks. Security researcher Eric Romang has discovered a new zero-day vulnerability in Internet Explorer that is currently being used in… https://www.virusbulletin.com/blog/2012/09/internet-explorer-zero-day-used-wild/

Air Force Major Abacha Tunde needs your help

419 scam asks you to help release funds to get Nigerian astronaut back to earth.
419 scam asks you to help release funds to get Nigerian astronaut back to earth. A few months ago, Microsoft researcher Cormac Herley published a paper "Why do Nigerian Scammers… https://www.virusbulletin.com/blog/2012/09/air-force-major-abacha-tunde-needs-your-help/

VB2012 last-minute papers announced

Hot topics to be covered at VB conference in Dallas.
Hot topics to be covered at VB conference in Dallas. For the last six years, VB has set aside a section of the VB conference for 'last-minute' papers, the idea being that… https://www.virusbulletin.com/blog/2012/09/last-minute-papers-announced/

Gach do bonn a mbaineann a chur chugainn

Why cybercriminals may have a reason for using Irish language in a ransomware scam.
Why cybercriminals may have a reason for using Irish language in a ransomware scam. According to a story that made the security headlines this weekend, and which seems to orginate… https://www.virusbulletin.com/blog/2012/09/gach-do-bonn-mbaineann-chur-chugainn/

From spear phishing to watering holes

Symantec reports increase in 'watering hole attacks'.
Symantec reports increase in 'watering hole attacks'. Imagine that for some reason you wanted to gain access to my computer. One thing you could do is send me an email with some… https://www.virusbulletin.com/blog/2012/09/spear-phishing-watering-holes/

September issue of VB published

The September issue of Virus Bulletin is now available for subscribers to download.
The September issue of Virus Bulletin is now available for subscribers to download. The September 2012 issue of Virus Bulletin is now available for subscribers to browse online… https://www.virusbulletin.com/blog/2012/09/september-issue-vb-published/

« Previous 1...4748495051...121 Next »