Virus Bulletin newsletter

The Virus Bulletin newsletter is a weekly round-up presenting an overview of the best threat intelligence sources from around the web, with a focus on technical analyses of threats and attacks.


Subscribe

Enter your email address to subscribe to the newsletter. (You will receive an email to confirm your subscription; you will not be subscribed until you have clicked on the link in the email.)

We will not use your email address for any purpose other than to send you the newsletter; see our privacy policy for more details.

 

Archive

20 August 2019: AfricaHackon, Cloud Atlas, Patch Tuesday and DejaBlue, Photoshop vulnerabilities, GoBrut, BalkanDoor and BalkanRAT, etc.

13 August 2019: Protonmail phishing, APT41, Machete, BITTER, Sodinokibi, STRONTIUM and IoT, MoqHao, GermanWiper, Bladr, Lokibot, etc.

30 July 2019: VB2019 call for last-minute papers, Winnti, Energetic Bear, IcedID, Phobos, Brushaloader, Spelevo, NoMoreRansom.

22 July 2019: PowerBrace, Turla/Topinambour, Ke3chang, SLUB, Proyecto RAT, APT34, EvilGnome, CVE-2018-0798, StrongPity, Bitpaymer, etc.

15 July 2019: Buhtrap, Patch Tuesday, FinFisher, Sea Turtle, DNS hijacks, QNAPCrypt, Excel formula injections, Doppelpaymer, Router exploit kits, etc.

8 July 2019: Péter Szőr Award, CVE-2018-0798, Godlua, Operation Tripoli, Heaven's Gate, Sodinokibi, TA505, Hancitor and Cobalt Strike, BianLian, etc.

1 July 2019: VB2019 keynotes, Operation Soft Cell, APT10, Regin, APT33, ViceLeaker, GreenFlash Sundown, Spelevo, RIG, Triada, Ritlok, Scranos, etc.

24 June 2019: Turla and fourth-party collection, GandCrab, Sodinokibi, Bouncing Golf, Ryuk, Cobalt Strike, Danabot, Ngioweb, LoudMiner/Bird Miner, etc.

17 June 2019: MuddyWater, FIN8, Xenotime, Hide'n'Seek, TA505, Exim worm, Ursnif, Patch Tuesday, Echobot, IPStorm, Fishwrap, etc.  

10 June 2019: Lazarus, Triada, PLATINUM, Carbanak, HAWKBALL, Frankenstein, Zebrocy, GoldBrute, Magecart, BeiTaAd, Scattered Canary, etc.

3 June 2019: BlueKeep, CVE-2019-0604, Turla, HiddenWasp, Hidden Bee, Nansh0u, ATM malware, Magecart Group 1, Emotet, TA505, etc.

28 May 2019: MuddyWater, Satan ransomware, Cyber Command, Zebrocy, APT10, iframe skimming, ProtonBot, GandCrab, 16Shop, etc.

20 May 2019: RDP worm warning, Patch Tuesday, Acrobat Reader RCEs, WhatsApp, Plead, ScarCruft, Winnti, Reaver, Endless Mayfly, Goznym, etc.

14 May 2019: Turla's LightNeuron, Buckeye, FIN7, Dharma, BEC using RATs, Uzbekistan DDoS and phishing, Megacortex, Confluence, etc.

6 May 2019: Megacortex, supply-chain actor, WebLogic vulnerability, MuddyWater, OilRig, LockerGoga, Coinhive, Qakbot, support scans, Buhtrap and RTM, etc.

29 April 2019: NTP, Fake News, DNSpionage and Karkoff, Carbanak, Emotet, Babyshark, Ocean Lotus, Beapy, ShadowHammer, TA505, Mirai, etc.

23 April 2019: Sea Turtle, Aggah, Luhansk APT attacks, DNS tunneling and OilRig, DNS logs, CVE-2019-0859, MuddyWater, BitPaymer, HawkEye, etc.

15 April 2019: GossipGirl and Flame 2.0, TRITON, OceanLotus, Emotet, Qakbot, MuddyWater, WinRAR, Gaza Cybergang, Tajmahal, Exodus, Gustuff, etc.

8 April 2019: Stalkerware, VB2019 programme, Ryuk and LockerGoga, Emotet and Trickbot, Ocean Lotus, spam server, hacked home routers, etc.

1 April 2019: Car hacking, ShadowHammer, Exodus spyware, Elfin, WinRAR, LUCKY ELEPHANT, Scanbox, Lazarus Group, PsiXBot, Soula, etc.

25 March 2019: Android app analysis, email security report, LockerGoga, Cardinal RAT, FIN7, Pegasus, Bokbot, Trickbot, Ocean Lotus, Nanocore RAT, etc.

19 March 2019: Patch Tuesday, CVE-2019-0797, GlitchPOS, DMSniff, Operation Commando, Nymaim, Ursnif, Predator, Danabot, GMO sniffer, Emotet, etc.

11 March 2019: CRASHOVERRIDE, Pirrit, SLUB, WhiteFly, Chafer, Emotet, APT40, OAuth phishing in Egypt, Ryuk, GandCrab, Office 365 phishing, etc.

4 March 2019: Cyber Threat Alliance, Cobalt Strike, BITTER APT, Farseer, Bronze Union, Magecart, Necurs, Windows DHCP vulnerability, etc.

25 February 2019: Domain mortality, constraint programming, malspam, APT group ranking, Lazarus Group, BabyShark, Blind Eagle, Brushaloader, etc.

18 February 2019: Balkanisation, Old Phantom Crypter, DNS in Venezuela, AZORult, Trickbot, IcedID, exploit kits, fake updates, Quasar RAT, etc.

11 February 2019: VB2019 CFP, Nullcon, Emotet, Brushaloader, GoDaddy DNS, ExileRAT and LuckyCat, Ocean Lotus, Android spyware in Korea, APT10, IcedID, etc.

4 February 2019: Tracking apps, journalists and threat intelligence, malspam and phishing, Project Raven, SS7 hacking, Lazarus Group, APT39, Chafer, Orcus, etc.

28 January 2019: VB2019 CFP, Formbook, malspam and phishing, Emotet, DNSpionage, GreyEnergy and Zebrocy, WRITE, WindTail, malvertising, Fallout exploit kit, etc.

21 January 2019: VB2019 CFP, Hacking Team, malspam and phishing, Mydoom, Magecart, Adminer and MySQL, DarkHydrus, Telegram bots, Lazarus Group, Lojax, etc.

14 January 2019: WeddingCake and Zen Android malware, Ryuk, DNSpionage, Zebrocy, Singapore data breach, ChinaZ, Hide'N'Seek, etc.

7 January 2019: APT actors, attacks against North Korean defectors, Ryuk ransomware, Vidar, phishing with letter-swapping font, Goblin Panda, MobSTSPY, etc.

24 December 2018: APT10, 2FA phishing, Shamoon and APT33, CVE-2018-8653, Underminer exploit kit, Ryuk, WindTail macOS malware, etc.

17 December 2018: exploit builders, APT-C-23, CVE-2018-8611, Shamoon, Virut, Operation Sharpshooter, Charming Kitten, Sofacy, bomb hoax spam, etc.

10 December 2018: Necurs, Hide'N'Seek, Mirai, Kelihos, STOLEN PENCIL, Magecart, ForSSHe, DarthMiner, etc.

3 December 2018: SamSam, Pegasus, exploit kits, 3ve takedown, Backswap, DNSpionage, MuddyWater, Bladabindi, etc.

26 November 2018: Lazarus, Cozy Bear, Fancy Bear, OceanLotus, Magecart, IoT botnets, OilRig, FIN7, etc.

 

Suggestions?

Do you have any suggestions for the newsletter? Don't hesitate to contact us. The newsletter is compiled by VB Editor Martijn Grooten.
