Virus Bulletin's blog

The latest Blog posts from the VB team
  1. Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years
    We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

  2. VB2017 paper: Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale
    At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

  3. Firefox 59 to make it a lot harder to use data URIs in phishing attacks
    Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

  4. Standalone product test: FireEye Endpoint
    Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

  5. VB2017 video: Consequences of bad security in health care
    Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

  6. Vulnerabilities play only a tiny role in the security risks that come with mobile phones
    Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

  7. VB2017 paper: The (testing) world turned upside down
    At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.

  8. VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel
    Trickbot, a banking trojan which appeared this year, seems to be a new, more modular, and more extensible malware descendant of the notorious Dyre botnet trojan. At VB2017, Symantec researcher Andrew Brandt presented a walkthrough of a typical Trickbot infection process, and its aftermath, as seen through the lens of a tool used to perform man-in-the-middle decryption. Today, we publish both Andrew's slides and the recording of his presentation.

  9. Paper: FAME - Friendly Malware Analysis Framework
    Today, we publish a short paper in which CERT Société Générale presents FAME, its open source malware analysis framework.

  10. Ebury and Mayhem server malware families still active
    Ebury and Mayhem, two families of Linux server malware, about which VB published papers back in 2014, are still active and have received recent updates.
