Category: blog
-
New paper: Powering the distribution of Tesla stealer with PowerShell and VBA macros
Ever since their return more than four years ago, initially in targeted attacks and later in large-scale malware campaigns, Office macros have been one of the most prominent ways to spread malware. Today, we publish a research paper by Aditya K. Sood and Rohit Bansal of SecNiche Security , in which they analyse a malware…
-
VB2017 paper: Android reverse engineering tools: not the usual suspects
Within a few years, Android malware has grown from a relatively small threat – the first VB conference talk on Android , in 2011, mentioned fewer than 100 malware families – to a huge problem involving more than three million new malware samples a year. The subject has been a regular one on the VB conference programme,…
-
VB2017 paper: Android reverse engineering tools: not the usual suspects
Within a few years, Android malware has grown from a relatively small threat – the first VB conference talk on Android , in 2011, mentioned fewer than 100 malware families – to a huge problem involving more than three million new malware samples a year. The subject has been a regular one on the VB conference programme,…
-
Patch early, patch often, but don’t blindly trust every ‘patch’
Patching is important, but not everything that presents itself as a security patch is safe to install. Malwarebytes researcher Jérôme Segura has written a detailed analysis of the ‘FakeUpdates’ campaign, where thousands of websites with an out-of-date content management system have been compromised to spread malware. Rather than exploiting vulnerabilities in browsers or browser plug-ins, as…
-
Patch early, patch often, but don’t blindly trust every ‘patch’
Patching is important, but not everything that presents itself as a security patch is safe to install. Malwarebytes researcher Jérôme Segura has written a detailed analysis of the ‘FakeUpdates’ campaign, where thousands of websites with an out-of-date content management system have been compromised to spread malware. Rather than exploiting vulnerabilities in browsers or browser plug-ins, as…
-
Virus Bulletin at RSA
Next week, I will be joining the international security community to attend the RSA Conference in San Francisco. Though it lacks the intimate atmosphere of so many smaller security conferences, there is probably no better place than RSA to meet so many security experts and discuss the things they’re working on. I’m certainly looking forward…
-
Virus Bulletin at RSA
Next week, I will be joining the international security community to attend the RSA Conference in San Francisco. Though it lacks the intimate atmosphere of so many smaller security conferences, there is probably no better place than RSA to meet so many security experts and discuss the things they’re working on. I’m certainly looking forward…
-
Broad-ranging and international VB2018 programme announced
Today, we are very excited to announce the programme for VB2018 , the 28th Virus Bulletin International Conference, which is to take place in Montreal, 3-5 October 2018. Putting together a conference programme is not an easy task, particularly when you’ve received as many excellent submissions as we did, but I believe we have come…
-
Broad-ranging and international VB2018 programme announced
Today, we are very excited to announce the programme for VB2018 , the 28th Virus Bulletin International Conference, which is to take place in Montreal, 3-5 October 2018. Putting together a conference programme is not an easy task, particularly when you’ve received as many excellent submissions as we did, but I believe we have come…
-
Netflix issue shows email verification really does matter
In the email security community, the use of confirmed opt-in has long been a recommended practice: an email address given to you can’t be used until the account owner has confirmed (by clicking a link in or replying to a confirmation email) that they do indeed own that email address. When email service provider Mailchimp…