Bulletin

An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.

VB2019 paper: The push from fiction for increased surveillance, and its impact on privacy

Miriam Cihodariu (Heimdal Security)
Andrei Bogdan Brad (Code4Romania)

Privacy is a major source of concern for people living in the digital age. Whether they are right in their suspicions or not, people have even started questioning whether their smart light bulbs are spying on them. The only certainty we have in all…

Read more  

VB2019 paper: Oops! It happened again!

Righard Zwienenberg (ESET)
Eddy Willems (G DATA Software)

This paper will take you on a scenic tour spanning three decades of malware, three decades of digital ecosystems and three decades of history repeating itself. When will we ever learn?

Read more  

VB2019 paper: A vine climbing over the Great Firewall: a long‑term attack against China

Lion Gu (Qi An Xin Threat Intelligence Center)
Bowen Pan (Qi An Xin Threat Intelligence Center)

This paper discloses details of a little-known APT group, PoisonVine, and its long history of cyberespionage activities lasting 11 years. The group is keen on Chinese entities and aims to harvest political and military intelligence. The paper…

Read more  

VB2019 paper: Fantastic Information and Where to Find it: A guidebook to open-source OT reconnaissance

Daniel Kapellmann Zafra (FireEye)

This paper explains some of the main motivations that drive threat actors to perform reconnaissance on industrial networks. It then illustrates some of the tactics that have been used by threat actors to extract OT documentation from corporate IT…

Read more  

VB2019 paper: Different ways to cook a crab: GandCrab Ransomware-as-a-Service (RaaS) analysed in depth

Alexandre Mundo Alguacil (McAfee)
John Fokker (McAfee)

This paper examines the GandCrab ransomware, the biggest Ransomware-as-a-Service (RaaS) threat seen in 2018 and the first half of 2019. Through technical analysis, several mistakes and indicators were discovered in the malware. Armed with these…

Read more  

VB2019 paper: Domestic Kitten: an Iranian surveillance program

Aseel Kayal (Check Point)
Lotem Finkelstein (Check Point)

In a fundamental regime that is constantly wary of anything that might jeopardize its stability, and a region that is a hotbed of political conflicts and dissensions, it is not surprising to discover a large‑scale surveillance campaign that keeps an…

Read more  

VB2019 paper: DNS on fire

Warren Mercer (Cisco Talos)
Paul Rascagnères (Cisco Talos)

Cisco Talos has identified malicious actors that have been targeting the DNS protocol successfully for the past several years. In this paper, researchers Warren Mercer & Paul Rascagnères present two of the threat actors they have been tracking.

Read more  

Dexofuzzy: Android malware similarity clustering method using opcode sequence

Shinho Lee (ESTsecurity)
Wookhyun Jung (ESTsecurity)
Sangwon Kim (ESTsecurity)
Jihyun Lee (ESTsecurity)
Jun-Seob Kim (ESTsecurity)

This paper proposes the use of the ‘Dalvik EXecutable Opcode Fuzzy’ (‘Dexofuzzy’) hash to find similar malware variants without the need for an analyst to have systematic or mathematical knowledge.

Read more  

VB2019 paper: We need to talk – opening a discussion about ethics in infosec

Ivan Kwiatkowski (Kaspersky)

Several professionals defend the notion that technology and ethics have nothing to do with each other. This paper presents various schools of thought pertaining to the philosophy of justice, and explores how they could help us solve some of the…

Read more  

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-Commerce industry

Yonathan Klijnsma (RiskIQ)

Magecart is an umbrella term given to at least 12 cybercrime groups that are placing digital credit card skimmers on compromised e-commerce sites at an unprecedented rate and with frightening success. This paper presents a timeline of the Magecart…

Read more  

Search the Bulletin


Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.