Posted by Martijn Grooten on Nov 29, 2017
At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.
Posted by Martijn Grooten on Nov 28, 2017
Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.
Posted by Martijn Grooten on Nov 27, 2017
Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.
Posted by Martijn Grooten on Nov 24, 2017
Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.
Posted by Martijn Grooten on Nov 23, 2017
We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.
Posted by Martijn Grooten on Nov 22, 2017
At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.
Posted by Martijn Grooten on Nov 21, 2017
Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.
Posted by Martijn Grooten on Nov 16, 2017
Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.
Posted by Martijn Grooten on Nov 13, 2017
Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.
Posted by Martijn Grooten on Nov 9, 2017
Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.