Virus Bulletin newsletter

The Virus Bulletin newsletter – a weekly round-up presenting an overview of the best threat intelligence sources from around the web, with a focus on technical analyses of threats and attacks – is currently on hold, with the aim of re-starting in the near future. In the meantime, please browse the archives below.




23 December 2019: VB2019 papers, Operation Wocao, Rancor, ToTok, ServHelper, Dactl, Poison Frog, Emotet, MyKings, Spelevo, etc.

16 December 2019: VB2020 CFP, Machete, Operation Soft Cell, Patch Tuesday, Trickbot/Anchor, BlueAlpha, Ryuk, Snatch, Zeppelin, etc.

9 December 2019: Botconf, VB2019 papers, Imminent Monitor, Lazarus, ZeroCleare, StrandHogg, PyXie, xHunt, CallerSpy, Buer, IcedID, etc.

2 December 2019: Poison Vine, Emotet, Tick, Fullz House, RevengeHotels, Dexphot, Stantinko, stalkerware, CoinLoader, etc.

25 November 2019: stalkerware, GandCrab, OT reconnaissance, DePriMon, Phorpiex, CVE-2019-2215, exploit kits, Lazarus, Monero, etc.

18 November 2019: Firefox zero-days, Domestic Kitten, APT33, Patch Tuesday, PureLocker, carding bots, TA2101, FakeAdsBlocker, etc.

12 November 2019: DNS attacks, Dridex, Dexofuzzy, Emotet, DarkUniverse, Capesand, BlueKeep, Platinum, Nemty, Magecart, etc.

4 November 2019: stalkerware, Emotet, BlueKeep, MESSAGETAP, Chrome zero-day, Xhelper, Android adware, Magecart, Adwind, etc.

28 October 2019: CCleaner, Emotet and Ryuk, Magecart, Winnti, Carbanak, sextortion, Rig, Buran, Remcos RAT, Gustuff, Raccoon, etc.

21 October 2019: Geost, sextortion, The Dukes, STOP ransomware, APT41, Winnti, TA505, Fallout, TA407, click-fraud, Blackremote RAT, etc.

14 October 2019: VB2019 roundup (Simjacker, Magecart, Geost, SandCat etc.), xHunt, Reductor, Pegasus, Charming Kitten, Tortoiseshell, etc.

23 September 2019: Emotet, macOS process and file monitors, Magecart, BlackTech, FlexiSpy, Tortoiseshell, WannaCry, Adwind, Nemty, etc.

16 September 2019: VB2019 TIPS, Simjacker, Stealth Falcon, CRASHOVERRIDE, Thrip, Cobalt Dickens, Charming Kitten, Patch Tuesday, etc.

9 September 2019: VB2019, Buckeye, watering holes against Uyghurs, North Korean credential stealing, PsiXBot, Domen, spam, Glupteba, etc.

2 September 2019: Magecart, parent-child relationships, iPhone watering hole attacks, Retadup, LYCEUM, China Chopper, TA505, FIN6, etc.

26 August 2019: Emotet, Machete, OAuth phishing, Silence, Android spyware, Gamaredon, Magecart, Asruex, Guildma, North Korean phishing, etc.

20 August 2019: AfricaHackon, Cloud Atlas, Patch Tuesday and DejaBlue, Photoshop vulnerabilities, GoBrut, BalkanDoor and BalkanRAT, etc.

13 August 2019: Protonmail phishing, APT41, Machete, BITTER, Sodinokibi, STRONTIUM and IoT, MoqHao, GermanWiper, Bladr, Lokibot, etc.

30 July 2019: VB2019 call for last-minute papers, Winnti, Energetic Bear, IcedID, Phobos, Brushaloader, Spelevo, NoMoreRansom.

22 July 2019: PowerBrace, Turla/Topinambour, Ke3chang, SLUB, Projecto RAT, APT34, EvilGnome, CVE-2018-0798, StrongPity, Bitpaymer, etc.

15 July 2019: Buhtrap, Patch Tuesday, FinFisher, Sea Turtle, DNS hijacks, QNAPCrypt, Excel formula injections, Doppelpaymer, Router exploit kits, etc.

8 July 2019: Péter Szőr Award, CVE-2018-0798, Godlua, Operation Tripoli, Heaven's Gate, Sodinokibi, TA505, Hancitor and Cobalt Strike, BianLian, etc.

1 July 2019: VB2019 keynotes, Operation Soft Cell, APT10, Regin, APT33, ViceLeaker, GreenFlash Sundown, Spelevo, Rig, Triada, Ritlok, Scranos, etc.

24 June 2019: Turla and fourth-party collection, GandCrab, Sodinokibi, Bouncing Golf, Ryuk, Cobalt Strike, Danabot, Ngioweb, LoudMiner/Bird Miner, etc.

17 June 2019: MuddyWater, FIN8, Xenotime, Hide'n'Seek, TA505, Exim worm, Ursnif, Patch Tuesday, Echobot, IPStorm, Fishwrap, etc.

10 June 2019: Lazarus, Triada, PLATINUM, Carbanak, HAWKBALL, Frankenstein, Zebrocy, GoldBrute, Magecart, BeiTaAd, Scattered Canary, etc.

3 June 2019: BlueKeep, CVE-2019-0604, Turla, HiddenWasp, Hidden Bee, Nansh0u, ATM malware, Magecart Group 1, Emotet, TA505, etc.

28 May 2019: MuddyWater, Satan ransomware, Cyber Command, Zebrocy, APT10, iframe skimming, ProtonBot, GandCrab, 16Shop, etc.

20 May 2019: RDP worm warning, Patch Tuesday, Acrobat Reader RCEs, WhatsApp, Plead, ScarCruft, Winnti, Reaver, Endless Mayfly, Goznym, etc.

14 May 2019: Turla's LightNeuron, Buckeye, FIN7, Dharma, BEC using RATs, Uzbekistan DDoS and phishing, Megacortex, Confluence, etc.

6 May 2019: Megacortex, supply-chain actor, WebLogic vulnerability, MuddyWater, OilRig, LockerGoga, Coinhive, Qakbot, support scans, Buhtrap and RTM, etc.

29 April 2019: NTP, Fake News, DNSpionage and Karkoff, Carbanak, Emotet, Babyshark, Ocean Lotus, Beapy, ShadowHammer, TA505, Mirai, etc.

23 April 2019: Sea Turtle, Aggah, Luhansk APT attacks, DNS tunneling and OilRig, DNS logs, CVE-2019-0859, MuddyWater, BitPaymer, HawkEye, etc.

15 April 2019: GossipGirl and Flame 2.0, TRITON, OceanLotus, Emotet, Qakbot, MuddyWater, WinRAR, Gaza Cybergang, Tajmahal, Exodus, Gustuff, etc.

8 April 2019: Stalkerware, VB2019 programme, Ryuk and LockerGoga, Emotet and Trickbot, Ocean Lotus, spam server, hacked home routers, etc.

1 April 2019: Car hacking, ShadowHammer, Exodus spyware, Elfin, WinRAR, LUCKY ELEPHANT, Scanbox, Lazarus Group, PsiXBot, Soula, etc.

25 March 2019: Android app analysis, email security report, Lockergoga, Cardinal RAT, FIN7, Pegasus, Bokbot, Trickbot, Ocean Lotus, Nanocore RAT, etc.

19 March 2019: Patch Tuesday, CVE-2019-0797, GlitchPOS, DMSniff, Operation Commando, Nymaim, Ursnif, Predator, Danabot, GMO sniffer, Emotet, etc.

11 March 2019: CRASHOVERRIDE, Pirrit, SLUB, WhiteFly, Chafer, Emotet, APT40, OAuth phishing in Egypt, Ryuk, GandCrab, Office 365 phishing, etc.

4 March 2019: Cyber Threat Alliance, Cobalt Strike, BITTER APT, Farseer, Bronze Union, Magecart, Necurs, Windows DHCP vulnerability, etc.

25 February 2019: Domain mortality, constraint programming, malspam, APT group ranking, Lazarus Group, BabyShark, Blind Eagle, Brushaloader, etc.

18 February 2019: Balkanisation, Old Phantom Crypter, DNS in Venezuela, AZORult, Trickbot, IcedID, exploit kits, fake updates, Quasar RAT, etc.

11 February 2019: VB2019 CFP, Nullcon, Emotet, Brushaloader, GoDaddy DNS, ExileRAT and LuckyCat, Ocean Lotus, Android spyware in Korea, APT10, IcedID, etc.

4 February 2019: Tracking apps, journalists and threat intelligence, malspam and phishing, Project Raven, SS7 hacking, Lazarus Group, APT39, Chafer, Orcus, etc.

28 January 2019: VB2019 CFP, Formbook, malspam and phishing, Emotet, DNSpionage, GreyEnergy and Zebrocy, WRITE, WindTail, malvertising, Fallout exploit kit, etc.

21 January 2019: VB2019 CFP, Hacking Team, malspam and phishing, Mydoom, Magecart, Adminer and MySQL, DarkHydrus, Telegram bots, Lazarus Group, Lojax, etc.

14 January 2019: WeddingCake and Zen Android malware, Ryuk, DNSpionage, Zebrocy, Singapore data breach, ChinaZ, Hide'N'Seek, etc.

7 January 2019: APT actors, attacks against North Korean defectors, Ryuk ransomware, Vidar, phishing with letter-swapping font, Goblin Panda, MobSTSPY, etc.

24 December 2018: APT10, 2FA phishing, Shamoon and APT33, CVE-2018-8653, Underminer exploit kit, Ryuk, WindTail macOS malware, etc.

17 December 2018: exploit builders, APT-C-23, CVE-2018-8611, Shamoon, Virut, Operation Sharpshooter, Charming Kitten, Sofacy, bomb hoax spam, etc.

10 December 2018: Necurs, Hide'N'Seek, Mirai, Kelihos, STOLEN PENCIL, Magecart, ForSSHe, DarthMiner, etc.

3 December 2018: SamSam, Pegasus, exploit kits, 3ve takedown, Backswap, DNSpionage, MuddyWater, Bladabindi, etc.

26 November 2018: Lazarus, Cozy Bear, Fancy Bear, OceanLotus, Magecart, IoT botnets, OilRig, FIN7, etc.
