Notice

Virus Bulletin's blog

The latest Blog posts from the VB team
  1. WannaCry shows we need to understand why organizations don't patch
    Perhaps the question we should be asking about WannaCry is not "why do so many organizations allow unpatched machines to exist on their networks?" but "why doesn't patching work reasonably well most of the time?"

    Read more
  2. Modern security software is not necessarily powerless against threats like WannaCry
    The WannaCry ransomware has affected many organisations around the world, making it probably the worst and most damaging of its kind. But modern security is not necessarily powerless against such threats.

    Read more
  3. Throwback Thursday: CARO: A personal view
    This week sees the 11th International CARO Workshop taking place in Krakow, Poland – a prestigious annual meeting of anti-malware and security experts. As a founding member of CARO, Fridrik Skulason was well placed, in August 1994, to shed some light on the organization, to explain in detail CARO's main activities and functions, as well as the reasons behind its strict membership regulations.

    Read more
  4. VB2016 paper: Uncovering the secrets of malvertising
    Malicious advertising, a.k.a. malvertising, has evolved tremendously over the past few years to take a central place in some of today’s largest web-based attacks. It is by far the tool of choice for attackers to reach the masses but also to target them with infinite precision and deliver such payloads as ransomware. Today, we publish a paper presented at VB2016 in Denver by Malwarebytes researchers Jérôme Segura and Chris Boyd, in which they look at the advertising ecosystem, how it is used, and at what techniques are being utilised to spread malware

    Read more
  5. Throwback Thursday: Tools of the DDoS Trade
    As DDoS attacks become costlier to fix and continue to increase in both number and diversity, we turn back the clock to 2000, when Aleksander Czarnowski took a look at the DDoS tools of the day.

    Read more
  6. VB2016 paper: Building a local passiveDNS capability for malware incident response
    At VB2016, Splunk researchers Kathy Wang and Steve Brant presented a Splunk app that can be used to locally collect passive DNS data. A recording of their presentation is now available to view on our YouTube channel.

    Read more
  7. VB2016 video: Last-minute paper: A malicious OS X cocktail served from a tainted bottle
    In a VB2016 last-minute presentation, ESET researchers Peter Kalnai and Martin Jirkal looked at the OS X malware threats KeRanger and Keydnap, that both spread through a compromised BitTorrent client. A recording of their presentation is now available to view on our YouTube channel.

    Read more
  8. Consumer spyware: a serious threat with a different threat model
    Consumer spyware is a growing issue and one that can have serious consequences: its use is increasingly common in domestic violence. But do our threat models consider the attacker with physical access to, and inside knowledge of the victim?

    Read more
  9. VB2016 paper: Debugging and monitoring malware network activities with Haka
    In their VB2016 paper, Stormshield researchers Benoît Ancel and Mehdi Talbi introduced Haka, an open-source language to monitor, debug and control malicious network traffic. Both their paper and the video recording of their presentation are now available to read/view on www.virusbulletin.com.

    Read more
  10. VB2017: a wide ranging and international conference programme
    We are proud to announce a very broad and very international programme for VB2017, which will take place in Madrid, 4-6 October 2017.

    Read more