Virus Bulletin Board

The latest Blog posts from the VB team

VB2017 paper: Nine circles of Cerber

Fri, 12/15/2017 - 15:12
Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked; we have also uploaded the video of the presentation of this paper, by Or Eshed and Yaniv Balmas.

Categories: Computer news

Attack on Fox-IT shows how a DNS hijack can break multiple layers of security

Thu, 12/14/2017 - 17:00
Dutch security firm Fox-IT deserves praise for being open about an attack on its client network. There are some important lessons to be learned about DNS security from its post-mortem.

Categories: Computer news

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

Thu, 12/14/2017 - 15:09
For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.

Categories: Computer news

Security Planner gives security advice based on your threat model

Wed, 12/13/2017 - 16:16
Citizen Lab's Security Planner helps you improve your online safety, based on the specific threats you are facing.

Categories: Computer news

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

Mon, 12/11/2017 - 11:15
Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of the most prominent ransomware families of 2017.

Categories: Computer news

VB2017 paper: Modern reconnaissance phase on APT – protection layer

Thu, 12/07/2017 - 11:46
During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid, two of those researchers, Paul Rascagneres and Warren Mercer, presented a paper detailing five case studies that demonstrate how the infection vector is evolving. Today we publish both Paul and Warren's paper and the recording of their presentation.

Categories: Computer news

VB2017 paper: Peering into spam botnets

Fri, 12/01/2017 - 14:32
At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.

Categories: Computer news

Throwback Thursday: Anti-malware testing undercover

Thu, 11/30/2017 - 14:57
We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.

Categories: Computer news

Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers

Thu, 11/30/2017 - 14:21
As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their career in the industry - which is why we have relaunched the VB Security Jobs Market.

Categories: Computer news

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Wed, 11/29/2017 - 14:37
At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Categories: Computer news

Tizi Android malware highlights the importance of security patches for high-risk users

Tue, 11/28/2017 - 15:43
Researchers from Google have taken down 'Tizi', an Android malware family that used nine already patched vulnerabilities to obtain root on infected devices.

Categories: Computer news

Virus Bulletin to attend AMTSO, AVAR and Botconf

Mon, 11/27/2017 - 11:45
Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Categories: Computer news

VB2017 video: FinFisher: New techniques and infection vectors revealed

Fri, 11/24/2017 - 16:00
Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Categories: Computer news

Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years

Thu, 11/23/2017 - 15:15
We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Categories: Computer news

VB2017 paper: Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale

Wed, 11/22/2017 - 16:57
At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Categories: Computer news

Firefox 59 to make it a lot harder to use data URIs in phishing attacks

Tue, 11/21/2017 - 17:01
Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Categories: Computer news

Standalone product test: FireEye Endpoint

Thu, 11/16/2017 - 16:38
Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Categories: Computer news
