An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Rowland Yu (Sophos)
A growing percentage of Android malware, including Zeus, SMSSend, and re-packaged applications, are packed using legitimate packers originally developed to protect the intellectual property of Android applications, with other malware having been…
Read moreStefan Catalin Hanu (Bitdefender)
Stefan Mosoi (Bitdefender)
Marius Lucaci (Bitdefender)
Analysing greyware applications and taking a definitive decision on whether or not to block them is more than often a tedious job, combining research and both dynamic and static analysis. In their VB2014 paper, Stefan Catalin Hanu, Stefan Mosoi and…
Read moreJonathan Oliver (Trend Micro)
Christopher Ke (Deakin University)
Paul Pajares (Trend Micro)
Chao Chen (Deakin University)
Yang Xiang (Deakin University)
In their VB2014 paper, Jonathan Oliver and his colleagues look at abuse on Twitter.
Read moreCathal Mullaney (Symantec)
Sayali Kulkarni (Symantec)
In their VB2014 paper, Cathal Mullaney and Sayali Kulkarni demonstrate that targeting Linux-based Apache web servers is an active and extremely effective method of malware infection. They present an overview of Linux malware and a technical analysis…
Read moreFanny Lalonde Lévesque (École Polytechnique de Montréal)
Erwann Traourouder (École Polytechnique de Montréal)
François Menet (École Polytechnique de Montréal)
Jean-Yves Marion (Université de Lorraine)
Obfuscation techniques have become increasingly prevalent in malware programs as tools to thwart reverse engineering efforts and evade signature-based detection by security products. Among the most popular methods is the use of packers, which are…
Read moreYaniv Balmas (Check Point Software Technologies)
Shahar Tal (Check Point Software Technologies)
Ron Davidson (Check Point Software Technologies)
APT campaigns are typically described with awe surrounding the technical achievements enabled by the level of resources and capacity conceivably available only to nation-state governments and intelligence agencies, often dubbed APT groups. These…
Read moreAlexander Adamov (NioGuard Security Lab)
These days, we see an increasing number of new pieces of ransomware for Android devices. They adopt new social engineering, communication and encryption techniques such as the use of Tor and advanced encryption algorithms (RSA-1024 and even elliptic…
Read moreIn mid-1997, new viruses and variants were appearing at over 250 per month, and according to Peter Morley, "Any organization which cannot process 300 viruses per month in times of stress, has no chance of keeping in the game." He split anti-virus…
Read moreBeing able to find files that are similar to a particular file is quite useful, although it can be difficult to handle at scale. It can often require an infeasible number of comparisons, which need to take place outside of a database. In an attempt…
Read moreIn November 2003, Martin Lee summarized from a UK perspective the various legislative attempts to ban the abuse of email by law.
Read more