VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework. Read more This article has been indexed from Virus Bulletin’s blog Read the original article:…
Tag: Virus Bulletin’s blog
New paper: Collector-stealer: a Russian origin credential and information extractor
This article has been indexed from Virus Bulletin’s blog In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor. Read more Read the original article: New…
VB2021 localhost videos available on YouTube
This article has been indexed from Virus Bulletin’s blog VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch – and share – any part of the conference freely and without registration.…
VB2021 localhost is over, but the content is still available to view!
This article has been indexed from Virus Bulletin’s blog VB2021 localhost – VB’s second virtual conference – took place last week, but you can still watch all the presentations. Read more Read the original article: VB2021 localhost is over, but…
VB2020 localhost is over, but the content is still available to view!
Read the original article: VB2020 localhost is over, but the content is still available to view! VB2020 localhost – VB’s first foray into the world of virtual conferences – took place last week, but you can still watch all the…
VB2020 localhost is over, but the content is still available to view!
Read the original article: VB2020 localhost is over, but the content is still available to view! VB2020 localhost – VB’s first foray into the world of virtual conferences – took place last week, but you can still watch all the…
New additions complete the VB2020 localhost programme
Read the original article: New additions complete the VB2020 localhost programme The programme for VB2020 localhost – the first virtual, and entirely free to attend VB conference – is now complete, with new additions to both the live programme and…
New additions complete the VB2020 localhost programme
Read the original article: New additions complete the VB2020 localhost programme The programme for VB2020 localhost – the first virtual, and entirely free to attend VB conference – is now complete, with new additions to both the live programme and…
VB2020 localhost call for last minute papers: a unique opportunity
Read the original article: VB2020 localhost call for last minute papers: a unique opportunity Why VB2020 localhost presents a unique opportunity for you to share your research with security experts around the globe. Read more Advertise on IT Security…
VB2020 localhost call for last minute papers: a unique opportunity
Read the original article: VB2020 localhost call for last minute papers: a unique opportunity Why VB2020 localhost presents a unique opportunity for you to share your research with security experts around the globe. Read more Advertise on IT Security…
VB2020 localhost call for last-minute papers now open!
Read the original article: VB2020 localhost call for last-minute papers now open! The call for last-minute papers for VB2020 localhost is now open. Submit before 17 August to have your paper considered for one of the nine slots reserved for…
VB2020 localhost call for last-minute papers opened!
Read the original article: VB2020 localhost call for last-minute papers opened! The call for last-minute papers for VB2020 localhost is now open. Submit before 17 August to have your paper considered for one of the nine slots reserved for ‘hot’…
Announcing… VB2020 localhost
Read the original article: Announcing… VB2020 localhost Announcing VB2020 localhost: the carbon neutral, budget neutral VB conference! Read more Advertise on IT Security News. Read the original article: Announcing… VB2020 localhost
VB2019 paper: APT cases exploiting vulnerabilities in region-specific software
Read the original article: VB2019 paper: APT cases exploiting vulnerabilities in region-specific software At VB2019, JPCERT/CC’s Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique…
VB2019 paper: APT cases exploiting vulnerabilities in region-specific software
Read the original article: VB2019 paper: APT cases exploiting vulnerabilities in region-specific software At VB2019, JPCERT/CC’s Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique…
New paper: Detection of vulnerabilities in web applications by validating parameter integrity and data flow graphs
Read the original article: New paper: Detection of vulnerabilities in web applications by validating parameter integrity and data flow graphs In a follow-up to a paper presented at VB2019, Prismo Systems researchers Abhishek Singh and Ramesh Mani detail algorithms that…
VB2020 programme announced
Read the original article: VB2020 programme announced VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference. Read more Advertise on IT Security News. Read the original article:…
VB2020 programme announced
Read the original article: VB2020 programme announced VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference. Read more Advertise on IT Security News. Read the original article:…
VB2019 paper: Cyber espionage in the Middle East: unravelling OSX.WindTail
At VB2019 in London, Jamf’s Patrick Wardle analysed the WindTail macOS malware used by the WindShift APT group, active in the Middle East. Today we publish both Patrick’s paper and the recording of his presentation. Read more Advertise on…
VB2019 paper: 2,000 reactions to a malware attack – accidental study
At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation. Read more Advertise…
VB2019 paper: 2,000 reactions to a malware attack – accidental study
At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation. Read more Advertise…
VB2019 paper: Why companies need to focus on a problem they do not know they have
Often unbeknownst to network administrators, many company networks are used to download child sexual abuse material. In a paper presented at VB2019 in London, NetClean’s Richard Matti and Anna Creutz looked at this problem and what companies can do, ultimately,…
VB2020 update – currently business as usual
Here at VB we are keeping a close eye on the global situation regarding the COVID-19 outbreak and the various travel restrictions and health advice, but in the meantime planning and arrangements for VB2020 are going ahead as usual, including…
VB2020 update – currently business as usual
Here at VB we are keeping a close eye on the global situation regarding the COVID-19 outbreak and the various travel restrictions and health advice, but in the meantime planning and arrangements for VB2020 are going ahead as usual, including…
VB2019 paper: Defeating APT10 compiler-level obfuscations
At VB2019 in London, Carbon Black researcher Takahiro Haruyama presented a paper on defeating compiler-level obfuscations used by the APT10 group. Today we publish both Takahiro’s paper and the recording of his presentation. Read more Advertise on IT Security…
VB2019 paper: Attribution is in the object: using RTF object dimensions to track APT phishing weaponizers
At VB2019 in London Michael Raggi (Proofpoint) and Ghareeb Saad (Anomali) presented a paper on the ‘Royal Road’ exploit builder (or weaponizer) and how the properties of RTF files can be used to track weaponizers and their users. Today we…
VB2019 presentation: Nexus between OT and IT threat intelligence
Operational technology, the mission critical IT in ICS, shares many similarities with traditional IT systems, but also some crucial differences. During the Threat Intelligence Practitioners’ Summit at VB2019, Dragos cyber threat intelligence analyst Selena Larson gave a keynote on these…
VB2019 paper: Kimsuky group: tracking the king of the spear-phishing
In a paper presented at VB2019 in London, researchers fron the Financial Security Institute detailed the tools and activities used by the APT group ‘Kimsuky’, some of which they were able to analyse through OpSec failures by the group. Today,…
VB2019 paper: Play fuzzing machine – hunting iOS and macOS kernel vulnerabilities automatically and smartly
In a paper presented at VB2019 in London, Trend Micro researchers Lilang Wu and Moony Li explained how the hunt for vulnerabilities in MacOS and iOS operating systems can be made both smarter and more automatic. Today we publish both…
VB2019 paper: Finding drive-by rookies using an automated active observation platform
In a last-minute paper presented at VB2019 in London, Rintaro Koike (NTT Security) and Yosuke Chubachi (Active Defense Institute, Ltd) discussed the platform they have built to automatically detect and analyse exploit kits. Today we publish the recording of their…
VB2019 paper: Static analysis methods for detection of Microsoft Office exploits
Today we publish the VB2019 paper and presentation by McAfee researcher Chintan Shah in which he described static analysis methods for the detection of Microsoft Office exploits. Read more Advertise on IT Security News. Read the complete article: VB2019…
VB2019 paper: Static analysis methods for detection of Microsoft Office exploits
Today we publish the VB2019 paper and presentation by McAfee researcher Chintan Shah in which he described static analysis methods for the detection of Microsoft Office exploits. Read more Advertise on IT Security News. Read the complete article: VB2019…
New paper: LokiBot: dissecting the C&C panel deployments
First advertised as an information stealer and keylogger when it appeared in underground forums in 2015, LokiBot has added various capabilities over the years and has affected many users worldwide. In a new paper researcher Aditya Sood analyses the URL…
New paper: LokiBot: dissecting the C&C panel deployments
First advertised as an information stealer and keylogger when it appeared in underground forums in 2015, LokiBot has added various capabilities over the years and has affected many users worldwide. In a new paper researcher Aditya Sood analyses the URL…
VB2019 presentation: Building secure sharing systems that treat humans as features not bugs
In a presentation at VB2019 in London, Virtru’s Andrea Limbago described how, by exploring data sharing challenges through a socio-technical lens, it is possible to make significant gains toward the secure sharing systems and processes that are vital for innovation…
VB2019 presentation: Attor: spy platform with curious GSM fingerprinting
Attor is a newly discovered cyber-espionage platform, use of which dates back to at least 2014 and which focuses on diplomatic missions and governmental institutions. Details of Attor were presented at VB2019 in London by ESET researcher Zuzana Hromcová. Today…
VB2019 presentation: Attor: spy platform with curious GSM fingerprinting
Attor is a newly discovered cyber-espionage platform, use of which dates back to at least 2014 and which focuses on diplomatic missions and governmental institutions. Details of Attor were presented at VB2019 in London by ESET researcher Zuzana Hromcová. Today…
Why we encourage newcomers and seasoned presenters alike to submit a paper for VB2020
With the call for papers for VB2020 currently open, we explain why, whether you’ve never presented before or you’re a conference circuit veteran, if you have some interesting research to share with the community we want to hear from you!…
VB2019 paper: The cake is a lie! Uncovering the secret world of malware-like cheats in video games
At VB2019 in London, Kaspersky researcher Santiago Pontiroli presented a paper on the growing illegal economy around video game cheats and its parallels with the malware industry. Today we publish both Santiago’s paper and the recording of his presentation. Read…
VB2019 paper: Rich headers: leveraging the mysterious artifact of the PE format
In a paper presented at VB2019 in London, ESET researchers Peter Kálnai and Michal Poslušný discussed the subject of rich headers and how it can be useful in malware research. Today we publish both their paper and the recording of…
VB2019 paper: Medical IoT for diabetes and cybercrime
At VB2019 in London, Fortinet researcher Axelle Apvrille presented a paper co-written with Aamir Lakhani that looked at the threats faced by those who use medical IoT devices to help manage their diabetes. Today we publish the researchers’ paper, as…
VB2019 paper: Medical IoT for diabetes and cybercrime
At VB2019 in London, Fortinet researcher Axelle Apvrille presented a paper co-written with Aamir Lakhani that looked at the threats faced by those who use medical IoT devices to help manage their diabetes. Today we publish the researchers’ paper, as…
VB2019 paper: Spoofing in the reeds with Rietspoof
In a VB2019 paper Avast researchers Jan Sirmer, Luigino Camastra and Adolf Středa revealed full details of the Rietspoof malware. Today we publish their paper and the recording of the presentation given by Jan and Luigino in London. Read more…
New paper: Behind the scenes of GandCrab’s operation
The GandCrab ransomware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers, and regularly included taunts, jokes and references to security organizations in its code. In a new paper, the AhnLab Security Analysis Team…
New paper: Behind the scenes of GandCrab’s operation
The GandCrab ransomware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers, and regularly included taunts, jokes and references to security organizations in its code. In a new paper, the AhnLab Security Analysis Team…
VB2019 paper: King of the hill: nation-state counterintelligence for victim deconfliction
At VB2019 Juan Andres Guerrero-Saade looked at nation-state actors using threat intelligence for victim deconfliction. Today we publish both his paper and the recording of his presentation. Read more Advertise on IT Security News. Read the complete article: VB2019…
The VB2020 call for papers – how it works
With the VB2020 Call for Papers now open, we explain how the selection procedure works, which may help you during your abstract submission. Read more Advertise on IT Security News. Read the complete article: The VB2020 call for papers…
VB2019 presentation: Targeted attacks through ISPs
In 2019 we saw a rise in the number of targeted malware infections spread via ISPs and service providers. In a last-minute paper presented at VB2019 in London, Kaspersky researcher Denis Legezo discussed the details of a number of such…
VB2019 presentation: A deep dive into iPhone exploit chains
In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details of campaigns that used advanced iOS and Android exploit chains against China’s Uighur minority. Today we release the recording of John’s…
Latest VBWeb report describes current state of the web-based threat landscape
Today we released the Winter 2020 VBWeb report, detailing the performance of web security products against live web threats and looking at the current state of the web-based threat landscape. Read more Advertise on IT Security News. Read the…
VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity
In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani discussed code injection vulnerabilities and presented a tool that could detect this vulnerability class. Today we publish their paper and the recording of their…