An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
David Ensign (ACS Government Solutions Group)
In 1999, David Ensign described a typical day in the life of the Affiliated Computer Services Government Solutions Group, the group responsible for providing full service computer support to US Federal government agencies across the United States.
Read moreAnton Cherepanov (ESET)
Jean-Ian Boutin (ESET)
Over the past few years we have seen the rise of organized, specialized cybercriminal groups directly targeting financial institutions instead of their customers. This trend has been seen in several countries, but banks in Russia seem to be targeted…
Read moreRobert Lipovsky (ESET)
Anton Cherepanov (ESET)
In the past two years, BlackEnergy has become one of the top malware families of interest to system administrators with the responsibility of protecting the networks of potential targets, to security researchers who have the family in their sights,…
Read moreAxelle Apvrille (Fortinet)
While the Internet of Things blossoms with newly connected objects every day, the security and privacy of these objects is often of a lesser priority due to market pressure. To assess their effective security status – and improve it – researchers…
Read moreAditya K. Sood (Blue Coat Systems (Elastica))
Rohit Bansal (SecNiche Security Labs)
Aditya Sood and Rohit Bansal present the design of distributed infection models used by attackers to inject malicious iframes on the fly in order to conduct large-scale drive-by download attacks.
Read moreChristine Orshesky (i-secure corporation)
Christine Orshesky describes how one large organization (with over 40,000 systems in its decentralized computing environment and a diverse population of over 20,000 employees spread over various departments and networks) decided to find out how and…
Read moreVincent Van Mieghem (Delft University of Technology)
Malware on Apple’s OS X systems is proving to be an increasing security threat, and one that is currently countered solely with traditional anti-virus (AV) technologies. Traditional AV technologies impose a significant performance overhead on the…
Read moreMikko Hyppönen (Data Fellows)
In 1994, along with the Olympic Games came an Olympic virus, from a group of Swedish virus authors calling themselves ‘Immortal Riot’. Mikko Hyppönen had the details.
Read moreCostin Raiu (Kaspersky Lab)
In 2001, ‘Code Red’ caused White House administrators to change the IP address of the official White House website, and even penetrated the mighty Microsoft’s own IIS servers. In August 2001, Costin Raiu analysed the Win32/Bady.worm,
Read moreAnkit Anubhav (FireEye)
No malware author wants their piece of code to be easy to detect. Over time, several different approaches have been put into action to detect malware, and in response, malware authors have put into action different methods of evading them. This paper…
Read more