Category: blog

  • Virus Bulletin says a fond farewell to John Hawes

    Ten years ago, when I joined the very small Virus Bulletin team, the risk of computer viruses accidentally spreading to millions of PCs was still considered very real. Hence my colleague John Hawes, who tested products’ detection of such viruses, worked in a sealed-off room elsewhere in the building, without an Internet connection, and behind…

  • VB2016 paper: One-Click Fileless Infection

    Over the last few years, we have seen a sharp increase in ‘fileless’ infections, where a machine is compromised without a malicious file ever being written to disk. Though not impossible to detect and prevent, they do require a security product. In a paper entitled “One-click fileless infection” presented at VB2016 in Denver, Symantec researchers…

  • Mostly blocked, but still good enough: Necurs sending pump-and-dump spam

    Over the past few days, the Necurs spam botnet has increased its activity, sending large amounts of pump-and-dump spam, in which a cheap stock is pushed with the aim of making a profit for those behind the campaign. The Dynamoo blog lists examples of the various emails sent, while Cisco’s Talos group provides some…

  • Why the SHA-1 collision means you should stop using the algorithm

    Unexpected though it may have been, the SHA-1 collision found by researchers at CWI Amsterdam and Google earlier this year is one of the biggest security stories of 2017 thus far. Now, stories about breaking cryptographic protocols tend to attract a disproportionate amount of media attention compared to the likelihood of them ever being exploited…

  • VB2017 Call for Papers: frequently asked questions

    The call for papers for VB2017, the 27th Virus Bulletin International Conference, which takes place 4 to 6 October in Madrid, Spain, is currently open. We’ve had some excellent presentations at recent VB conferences, and we are never short of high-quality submissions to fill the schedule. Nevertheless, we’re always on the lookout for new…

  • Throwback Thursday: Michelangelo – Graffiti Not Art

    This week marked the 25th anniversary of the Michelangelo virus. The boot sector virus was designed to trigger on 6 March 1992, on which date it would override all of the data on the infected machine’s hard drive. The Michelangelo virus – which was so named by researchers for the fact that 6 March was also the…