At VB2019 in London, Fortinet researcher Axelle Apvrille presented a paper co-written with Aamir Lakhani that looked at the threats faced by those who use medical IoT devices to help manage their diabetes. Today we publish the researchers' paper, as well …
Medical IoT for diabetes and cybercrime
Read the paper (HTML)
Download the paper (PDF)
It is estimated that between 8% and 9% of the population worldwide suffers with some… https://www.virusbulletin.com/blog/2020/01/vb2019-paper-medical-iot-diabetes-and-cybercrime/
With the call for papers for VB2020 currently open, we explain why, whether you've never presented before or you're a conference circuit veteran, if you have some interesting research to share with the community we want to hear from you!
Over almost three decades, the Virus Bulletin Conference has built a reputation as a conference that produces solid content. While you might be forgiven for thinking this comes… https://www.virusbulletin.com/blog/2020/02/why-we-encourage-you-submit-paper-vb2020/
In a VB2019 paper Avast researchers Jan Sirmer, Luigino Camastra and Adolf Středa revealed full details of the Rietspoof malware. Today we publish their paper and the recording of the presentation given by Jan and Luigino in London.
Spoofing in the reeds with Rietspoof
Read the paper (HTML)
Download the paper (PDF)
The Call for Papers for VB2020 in Dublin is open! Submit your abstract before… https://www.virusbulletin.com/blog/2020/01/vb2019-paper-spoofing-reeds-rietspoof/
The GandCrab ransomware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers, and regularly included taunts, jokes and references to security organizations in its code. In a new paper, the AhnLab Security…
For more details of GandCrab, also see the VB2019 paper and presentation by McAfee researchers John Fokker and Alexandre Mundo, who looked both at the malware code and its… https://www.virusbulletin.com/blog/2020/01/new-paper-behind-scenes-gandcrabs-operation/
With the VB2020 Call for Papers now open, we explain how the selection procedure works, which may help you during your abstract submission.
We recently opened the call for papers for VB2020, which is to take place 30 September to 2 October in Dublin, Ireland. The deadline for the call for papers is Sunday 15 March.… https://www.virusbulletin.com/blog/2020/01/vb2020-call-papers/
In 2019 we saw a rise in the number of targeted malware infections spread via ISPs and service providers. In a last-minute paper presented at VB2019 in London, Kaspersky researcher Denis Legezo discussed the details of a number of such cases. Today we rel…
In 2019 we saw an increase in the number of targeted malware infections spread via ISPs and service providers. Some notable cases included the installation of digital certificates… https://www.virusbulletin.com/blog/2020/01/vb2019-presentation-targeted-attacks-through-isps/
In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details of campaigns that used advanced iOS and Android exploit chains against China’s Uighur minority. Today we release the recor…
One of the biggest security stories of 2019 was the use of advanced iOS and Android exploit chains against China’s Uighur minority, first uncovered by Google’s Project Zero with… https://www.virusbulletin.com/blog/2020/01/vb2019-presentation-deep-dive-iphone-exploit-chains/
In the final of a five-part series of blog posts, departing VB Editor Martijn Grooten argues for more emphasis on the good news in security, especially that which is more subtle.
At the end of this month, I will step down as Editor of Virus Bulletin. Before doing so, I have been sharing some 'parting thoughts' in five blog posts, based on my experience… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-5-bringing-good-news/
In the fourth of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why security researchers should refer to other people's work.
At the end of this month, I will step down as Editor of Virus Bulletin. Before I do so, I will share some 'parting thoughts' in five blog posts, based on my experience working in… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-4-big-picture/
China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.
Exploring the Chinese DDoS landscape
Read the paper (HTML)
Download the paper (PDF)
China has long been a hotbed of DDoS activities, with several groups… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-exploring-chinese-ddos-landscape/
In the third of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes security vendors should take their products' security more seriously.
At the end of this month, I will step down as Editor of Virus Bulletin. Before I do so, I will share some 'parting thoughts' in five blog posts, based on my experience working in… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-3-taking-security-seriously/
In the second of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes cybersecurity professionals need to educate themselves on the complexities of the real-world situations in which security is applied.
At the end of this month, I will step down as Editor of Virus Bulletin. Before I do so, I will share some 'parting thoughts' in five blog posts, based on my experience working in… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-2-need-education-security/
The programme for VB2020 localhost - the first virtual, and entirely free to attend VB conference - is now complete, with new additions to both the live programme and the on-demand programme.
At VB2019, JPCERT/CC's Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique to Japan. Today we publish both their paper and the recording of their presentation.
In a follow-up to a paper presented at VB2019, Prismo Systems researchers Abhishek Singh and Ramesh Mani detail algorithms that can be used to detect SQL injection in stored procedures, persistent cross-site scripting (XSS), and server‑side request forgery (SSRF) by instrumenting web applications.
VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference.
At VB2019 in London, Jamf's Patrick Wardle analysed the WindTail macOS malware used by the WindShift APT group, active in the Middle East. Today we publish both Patrick's paper and the recording of his presentation.
At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation.
Often unbeknownst to network administrators, many company networks are used to download child sexual abuse material. In a paper presented at VB2019 in London, NetClean’s Richard Matti and Anna Creutz looked at this problem and what companies can do, ultimately, to help safeguard children. Today we publish their full paper.