Category: blog
-
VB2018 video: Adware is just malware with a legal department – how we reverse engineered OSX/Pirrit, received legal threats, and survived
OSX/Pirrit was first analysed in 2016 by Cybereason's Amit Serper in a guest blog post for the Objective See blog. It is an interesting and technically thorough analysis of a piece of adware that, as is not uncommon, uses techniques borrowed from malware. Pirrit appears as an unsigned executable inside an app bundle, source:…
-
The VB2019 call for papers is about … papers
The Call for Papers for VB2019, the 29th Virus Bulletin Conference (London, 2-4 October) is open until Sunday 17 March. When we say “call for papers” we really put the emphasis on papers. That is, we’re not asking you to submit more than an abstract right now, but if your abstract is selected for the…
-
VB2018 paper: Anatomy of an attack: detecting and defeating CRASHOVERRIDE
At VB2017 in Madrid, ESET researchers Anton Cherepanov and Robert Lipovsky presented a last-minute paper on Industroyer, a malware framework that was responsible for the December 2016 blackout in Ukraine. The attack was perhaps less noteworthy for what it achieved (a relatively short blackout) than for the potential it signalled. Such was the premise of…
-
VB2018 presentation: Levelling up: why sharing threat intelligence makes you more competitive
Here at VB we often talk about the importance of sharing intelligence, and many of us coming into the industry for the first time have been genuinely surprised by the willingness to share information among competitors. Yet even within this relatively open industry, there are still barriers to sharing threat intelligence data, be they technical,…
-
The malspam security products miss: Emotet, Ursnif, and a spammer’s blunder
This blog post was put together in collaboration with VB test engineers Adrian Luca and Ionuţ Răileanu. Virus Bulletin uses email feeds provided by Abusix and Project Honey Pot. In our VBSpam test lab, we continue to receive spam from around the world, including a fair number of emails carrying malware, or with…
-
VB2018 paper: The modality of mortality in domain names
The current generation of security professionals is probably more familiar with the way DNS works than they are with phone books, which are still often used as an analogy to explain DNS. Domains play a crucial role in most cyber attacks, from the very advanced to the very mundane; being able to take down or…