Virus Bulletin News

The latest Blog posts from the VB team

VB2017 paper: Nine circles of Cerber

15 December, 2017 - 15:12
Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked; we have also uploaded the video of the presentation of this paper, by Or Eshed and Yaniv Balmas.

Category: Viruses and Worms

Attack on Fox-IT shows how a DNS hijack can break multiple layers of security

14 December, 2017 - 17:00
Dutch security firm Fox-IT deserves praise for being open about an attack on its client network. There are some important lessons to be learned about DNS security from its post-mortem.

Category: Viruses and Worms

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

14 December, 2017 - 15:09
For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.

Category: Viruses and Worms

Security Planner gives security advice based on your threat model

13 December, 2017 - 16:16
Citizen Lab's Security Planner helps you improve your online safety, based on the specific threats you are facing.

Category: Viruses and Worms

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

11 December, 2017 - 11:15
Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of the most prominent ransomware families of 2017.

Category: Viruses and Worms

VB2017 paper: Modern reconnaissance phase on APT – protection layer

7 December, 2017 - 11:46
During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid, two of those researchers, Paul Rascagneres and Warren Mercer, presented a paper detailing five case studies that demonstrate how the infection vector is evolving. Today we publish both Paul and Warren's paper and the recording of their presentation.

Category: Viruses and Worms

VB2017 paper: Peering into spam botnets

1 December, 2017 - 14:32
At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.

Category: Viruses and Worms

Throwback Thursday: Anti-malware testing undercover

30 November, 2017 - 14:57
We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.

Category: Viruses and Worms

Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers

30 November, 2017 - 14:21
As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their career in the industry - which is why we have relaunched the VB Security Jobs Market.

Category: Viruses and Worms

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

29 November, 2017 - 14:37
At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Category: Viruses and Worms

Tizi Android malware highlights the importance of security patches for high-risk users

28 November, 2017 - 15:43
Researchers from Google have taken down 'Tizi', an Android malware family that used nine already-patched vulnerabilities to obtain root on infected devices.

Category: Viruses and Worms

Virus Bulletin to attend AMTSO, AVAR and Botconf

27 November, 2017 - 11:45
Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Category: Viruses and Worms

VB2017 video: FinFisher: New techniques and infection vectors revealed

24 November, 2017 - 16:00
Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Category: Viruses and Worms

Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years

23 November, 2017 - 15:15
We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Category: Viruses and Worms

VB2017 paper: Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale

22 November, 2017 - 16:57
At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Category: Viruses and Worms

Firefox 59 to make it a lot harder to use data URIs in phishing attacks

21 November, 2017 - 17:01
Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Category: Viruses and Worms