An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.

Optimizing ssDeep for use at scale

Being able to find files that are similar to a particular file is quite useful, although it can be difficult to handle at scale. It can often require an infeasible number of comparisons, which need to take place outside of a database. In an attempt…

Read more  

Throwback Thursday: Legal attempts to reduce spam. A UK perspective (November 2003)

In November 2003, Martin Lee summarized from a UK perspective the various legislative attempts to ban the abuse of email by law.

Read more  

Throwback Thursday: What DDoS it all Mean? (March 2000)

In February 2000, distributed denial of service, or DDoS, attacks disrupted some of the largest websites – CNN, MSN, Yahoo and others – sites designed to serve millions of pages per day. So Nick FitzGerald asked: what are DDoS attacks? How might they…

Read more  

3ROS exploit framework kit – one more for the infection road!

Aditya K. Sood and Rohit Bansal look at a different side of an exploit kit: the interface used by the malware authors who rely on exploit kits to get their malware installed on victims' machines.

Read more  

Shifu – the rise of a self-destructive banking trojan

The banking trojan Shifu appears to inherit some of its features from several other well-known banking trojans. Floser Bacurio and Wayne Low decided to take a close look at one of its droppers.

Read more  

Throwback Thursday: Memetic Mass Mailers: Time to Classify Hoaxes as Malware? (July 2002)

In July 2002, Andrew Lee explained why an effective hoax could be as damaging as a mass-mailed fast-burning virus, and questioned whether we should begin to classify hoaxes as malware.

Read more  

Throwback Thursday: The Real Virus Problem (December 1993)

Thanks mainly to the marketing efforts of the anti-virus industry around the world, in 1993 the true extent of the computer virus problem has been efficiently concealed beneath a ragbag of pseudo-scientific projections, surveys, reports, forecasts…

Read more  

MWI-5: Operation HawkEye

Gabor Szappanos (Sophos)

Gabor Szappanos looks at a series of malware campaigns that used Office macros to download the commercial HawkEye keylogger.

Read more  

Throwback Thursday: Misguided or malevolent? New trends in virus writing (February 2004)

Writing in February 2004, Stuart Taylor considers what he believes to be the start of a new trend in virus writing and wonders whether there is truly a criminal element entering virus writing.

Read more  

Throwback Thursday: The First International Virus Bulletin Conference (October 1991)

On September 12-13th 1991, some 150 delegates and 20 speakers from four continents assembled at the Hotel de France in St. Helier, Jersey for the first International Virus Bulletin Conference. VB's then editor Ed Wilding provided a full round-up of…

Read more  

Search the Bulletin

Bulletin Archive