Category: blog

  • VB2016 paper: Steam stealers: it’s all fun and games until someone’s account gets hijacked

    The online games market is huge, and the Steam platform is a huge player in that market. Users registered on the Steam platform use their credit cards to buy content, and willingly provide personal information to and exchange items with other network participants. Rather unsurprisingly, this has not gone unnoticed by cybercriminals, and a while…

  • Research paper shows it may be possible to distinguish malware traffic using TLS

    Researchers at Cisco have published a paper (PDF) describing how it may be possible to use machine learning to distinguish malware command-and-control (C&C) traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C&C traffic. The need for malware to communicate with its operators, so that it…

  • Is CVE-2017-0199 the new CVE-2012-0158?

    There are two good reasons not to be concerned about CVE-2012-0158, an RTF handling vulnerability in Microsoft Office. First, the vulnerability was patched more than five years ago, so if you follow good security practices and patch regularly, you won’t have to worry about it. Secondly, if you are following those good security practices,…

  • Review: BSides London 2017

    This month, for the first time in its 28-year history, Virus Bulletin became the sponsor of another industry conference: BSides London. I have to admit to having been more than a little proud to see the VB logo displayed on the screens in between sessions. Of course, I was also happy to see lots…

  • VB2017: one of the most international security conferences

    The 40 talks confirmed thus far for the VB2017 conference programme will be delivered by speakers that are based in 18 different countries across five continents. If you also consider the nationalities of the speakers, that increases the number of countries represented by at least half a dozen. The VB conference has traditionally been held…

  • VB2016 paper: Diving into Pinkslipbot’s latest campaign

    Pinkslipbot, also known as Qakbot or Qbot, is a banking trojan that makes the news every once in a while, yet never seems to get the attention of the world’s Zbots and Dridexes. I looked at the malware myself three years ago, but since then it has been updated several times, the most recent…