VB Migration

Category: blog

  • There is a place for unauthenticated key exchange, but don’t tell anyone

    Making dragnet surveillance harder justifies using weak form of encryption. Discussions on how to make the Internet more secure have been going on ever since the first two computers were connected. Recently, however, Snowden’s revelations about surveillance on a scale that was hitherto only imagined by the most paranoid have made some of these discussions…

  • NCA issues alert on CryptoLocker ransomware

    Malware demands $1,000 ransom to decrypt files. This weekend, the UK’s National Crime Agency (NCA) issued an alert about the ‘CryptoLocker’ ransomware – following a similar alert from US-CERT 10 days earlier. CryptoLocker is a particularly nasty piece of malware. Once it has infected a machine, it searches for files of any of 70-odd formats,…

  • Industry suffers loss of great researcher

    Untimely death of Peter Ször sends shockwaves across anti-malware community. We were shocked and saddened to learn, yesterday, of the sudden and unexpected death of security researcher and VB advisory board member Peter Ször. Peter was a true pioneer of the anti-malware industry and one of its brightest minds. His knowledge and enthusiasm knew no…

  • ‘123456’ may be an adequate password to protect nothing

    Are we giving users the right kind of advice when it comes to password security? A recent data-breach at Adobe has shown once again that a lot of users choose the most trivial of passwords to protect their online accounts. But is this really what we should be focusing on? As data-breaches go, the recent…

  • Good and bad news for victims of targeted attacks against Microsoft products

    Bug bounty program extended; TIFF zero-day used in the wild. This week, Microsoft has good news and bad news for those targeted by zero-day exploits in its products. The bad news is that a new zero-day exploit has been discovered in a graphics library that is used by Office 2010 . To exploit the vulnerability,…

  • Open letter asks AV companies for openness on surveillance malware

    Old issue has become hot topic again following Snowden revelations. A group of experts in privacy and digital rights has sent an open letter ( pdf ) to a number of anti-virus companies, asking them to be clear about their detection of government surveillance software both in the past and in future cases. The experts,…

  • Php.net compromised to serve malware

    Researchers initially believed Google warning was a false positive. For a few days this week, the popular php.net website was serving malware to some of its visitors and was doing so in a stealthy way that initially confused researchers. There may be thousands and possibly millions of malicious websites on the Internet, but when you…

  • Should software vendors extend support for their products on Windows XP?

    Is Google making the Internet more or less secure by extending support for Chrome on XP? A software vendor’s decision to release updates to its product is generally seen as a good thing, but the decision by Google to continue to support the Chrome browser for Windows XP beyond the operating system’s end-of-life has been…

  • Tens of thousands of fake Twitter accounts passed off and sold as ‘followers’

    After initial takedown, more efforts put into making new fake accounts look genuine. Virus Bulletin ‘s research into a scam selling fake Twitter accounts being passed off as ‘followers’ has helped in the takedown of more than 45,000 such accounts – but has also showed that the scammers are upping their game. The success of…

  • ‘Mobile Thursday’ at the VB conference

    Record number of presentations dedicated to threats affecting smartphones. The significant increase in mobile threats is reflected in the VB2013 programme, which includes seven presentations on mobile malware. Security experts have always been fascinated by mobile security, a subject which has been covered at many previous VB conferences. As far back as 2002, T-Mobile ‘s…