Category: blog

  • VB2019 paper: Medical IoT for diabetes and cybercrime

    It is estimated that between 8% and 9% of the population worldwide suffers with some form of diabetes. People with type 1 diabetes typically have to measure their blood glucose levels several times a day and adjust their treatment according to the results. Traditionally, this has been done by means of the person pricking their…

  • VB2019 paper: Spoofing in the reeds with Rietspoof

    The Rietspoof malware was first discovered by Avast researchers in August 2018 and publicly disclosed in a blog post in February 2019. The multi-stage malware utilises different file types throughout its infection chain including in one stage a CAB file. Full details of the malware, including later discoveries, were revealed in a VB2019 paper by…

  • New paper: Behind the scenes of GandCrab’s operation

    Though active for only a little over a year, GandCrab was one of the most successful ransomware operations and caused a great deal of damage worldwide. Running as a Ransomware-as-a-Service scheme, the malware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers, and regularly included taunts, jokes and references…

  • VB2019 paper: King of the hill: nation-state counterintelligence for victim deconfliction

    Past Virus Bulletin conference papers (co-)written by Juan Andrés Guerrero-Saade, such as those on fourth-party collection or false flags, have become legendary and continue to be cited across the industry. At VB2019 in London, ‘JAGS’ was back. Now Research Tsar at Chronicle, he looked at an interesting use case for threat intelligence: nation-state…

  • The VB2020 call for papers – how it works

    We recently opened the call for papers for VB2020, which is to take place 30 September to 2 October in Dublin, Ireland. The deadline for the call for papers is Sunday 15 March. We are often asked how the selection procedure works, and since we believe in transparency, and since an explanation of…

  • VB2019 presentation: Targeted attacks through ISPs

    In 2019 we saw an increase in the number of targeted malware infections spread via ISPs and service providers. Some notable cases included the installation of digital certificates in the target’s browser, which would help the attackers to distinguish and decrypt traffic, and the spread of malware via HTTP 307 redirects by the StrongPity group.…

  • VB2019 presentation: A deep dive into iPhone exploit chains

    One of the biggest security stories of 2019 was the use of advanced iOS and Android exploit chains against China’s Uighur minority, first uncovered by Google’s Project Zero with more details supplied by Volexity. In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details…

  • Latest VBWeb report describes current state of the web-based threat landscape

    The web continues to be a major infection vector for individuals and organisations alike. In the VBWeb tests, which form part of Virus Bulletin’s test suite, our team measures the performance of web security products against a range of live web threats. We publish quarterly reports on the performance of the products that…

  • VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity

    Any web app that relies on some kind of user input is potentially vulnerable to some kind of command injection, be it MySQL, NoSQL or OS command injection. Indeed, OWASP lists this as one of the topmost security risks. In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani…

  • Virus Bulletin says a fond farewell and thank you to Martijn Grooten

    Thirteen years ago, VB was searching for a web developer to join the very small team based in Oxfordshire, UK. A CV came in from one Martijn Grooten, a former Ph.D. student in mathematics with little practical experience but a lot of promising skills. He interviewed well and was offered the job. Martijn was a…