An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Jun Yong Park (AhnLab)
Given the rapid growth of Android applications and malware, the use of behaviour-based methods is one of the most promising approaches for malware detection. Many security researchers are struggling with how to determine malicious behaviours and…
Read moreHeather Goudey (Independent researcher)
Jasmine Sesso (Microsoft)
This paper looks at the state of the AV industry in the context of the Internet of Things (IoT) in 2015, then drills down into the specific security implications faced, as well as, the current approaches taken to address them. We examine the…
Read morePavel Sramek (Avast Software)
Martin Smarda (Avast Software)
In the past few years, not a VB conference has gone by without a talk about someone hacking the devices they have at home. Be it routers, NAS-es or ‘smart’ TVs, there has always been one thing in common: the vendors have ignored the problems and…
Read moreDigital steganography is a method of concealing a file, message, image or video within another file, message, image or video. The technique is used by a piece of malware popularly known as Stegoloader (or W32/Gatak), a trojan or downloader for…
Read moreAnthony Joe Melgarejo (Trend Micro)
After a series of takedowns of command and control (C&C) servers related to notorious banking and ransom malware such as GameOver Zeus, CryptoLocker and Citadel, cybercriminals started to look for innovative ways to make their infrastructure…
Read moreThe Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus world, recording the number of incidents of each virus reported to VB in the preceding month. In August…
Read moreDuring an audit of the Apache OpenMeetings program code, Andreas Lindh came across two vulnerabilities which, with some additional trickery, would allow for an unauthenticated attacker to gain remote code execution on the system, with knowledge of an…
Read moreWord and Excel’s internal file formats used to be something in which few were interested – but the appearance of macro viruses in the mid 90s changed all that, as Andrew Krukov explains.
Read moreIn 2004, the entire crypto community was abuzz with the news that a group of Chinese researchers had demonstrated flaws in a whole set of hash functions - VB took a closer look to clarify the situation and draw lessons from the incident.
Read moreNearly every day, cybercriminals are using scams over mobile messaging to execute several types of money-stealing mobile attacks on North American banks. This paper will use real-world data obtained from various mobile operators showing cybercriminal…
Read more