Bulletin

An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.

Behavioural Detection and Prevention of Malware on OS X

Vincent Van Mieghem (Delft University of Technology)

Malware on Apple’s OS X systems is proving to be an increasing security threat, and one that is currently countered solely with traditional anti-virus (AV) technologies. Traditional AV technologies impose a significant performance overhead on the…

Read more  

Throwback Thursday: Olympic Games

Mikko Hyppönen (Data Fellows)

In 1994, along with the Olympic Games came an Olympic virus, from a group of Swedish virus authors calling themselves ‘Immortal Riot’. Mikko Hyppönen had the details.

Read more  

Throwback Thursday: Holding the Bady

Costin Raiu (Kaspersky Lab)

In 2001, ‘Code Red’ caused White House administrators to change the IP address of the official White House website, and even penetrated the mighty Microsoft’s own IIS servers. In August 2001, Costin Raiu analysed the Win32/Bady.worm,

Read more  

The Journey of Evasion Enters Behavioural Phase

Ankit Anubhav (FireEye)

No malware author wants their piece of code to be easy to detect. Over time, several different approaches have been put into action to detect malware, and in response, malware authors have put into action different methods of evading them. This paper…

Read more  

Throwback Thursday: You Are the Weakest Link, Goodbye! - Passwords, Malware and You

Martin Overton (Independent Researcher)

Have you heard the one about the computer user who used their pet’s name as their password? Just like jokes, it seems the old ones and the obvious ones are considered the best when it comes to users selecting their passwords. Martin Overton looks at…

Read more  

New Keylogger on the Block

Gabor Szappanos (Sophos)

This paper provides an overview of the KeyBase trojan, both the keylogger itself and the server-side management component. Additionally, we will look at an example of when this trojan was used.

Read more  

VB2015 paper: DDoS Trojan: A Malicious Concept that Conquered the ELF Format

In their VB2015 paper, Peter Kálnai and Jaromír Hořejší look at the current state of DDoS trojans forming covert botnets on unsuspecting systems. The paper provides a technical analysis of the most important malware families, with a specific focus on…

Read more  

VB2015 paper: The Kobayashi Maru dilemma

Morton Swimmer (Trend Micro)
Nick FitzGerald (Independent researcher)
Andrew Lee (ESET)

How do you win a game when the rules don’t let you? You change the rules! In the computer security field, one possible game-changer is aggressively fighting back. Star Trek’s fictional James T. Kirk changed the Kobayashi Maru simulation from a no-win…

Read more  

VB2015 paper: Attack on the Drones

Oleg Petrovsky (HP)

This paper analyses various popular multi-rotor unmanned aerial vehicle (UAV) configurations and controllers for susceptibility to known and proof-of-concept security attacks. The study includes analysis of existing malicious attack claims and their…

Read more  

VB2015 paper: Speaking Dyreza Protocol. Advantages of 'Learning' a New Language

Alexandru Maximciuc (Bitdefender)
Cristina Vatamanu (Bitdefender)

Most malware families are capable of evading detection and ensuring long persistence on infected machines through their update mechanisms. However, if one is able to reverse engineer such a sample and simulate C&C communication, invaluable…

Read more  

Search the Bulletin