Category: blog
-
VB2016 paper: Defeating sandbox evasion: how to increase successful emulation rate in your virtualized environment
In order to analyse a potentially malicious binary, an important first step is to run it in a specialised virtual environment, or sandbox environment, and see what it does – if it exhibits some known malicious behaviour, it is probably worth blocking it. However, malware authors are wise to this analysis technique, and most pieces…
-
VB2016 paper: Mobile applications: a backdoor into the Internet of Things?
The meteoric rise of the Mirai botnet in recent months has led to the Internet of Things (IoT) becoming a major and actual security concern. To assess the effective security status of the so-called smart devices that make up the IoT, security researchers need to reverse engineer them – something that often isn’t trivial thanks to poor documentation…
-
VB2016 paper: Mobile applications: a backdoor into the Internet of Things?
The meteoric rise of the Mirai botnet in recent months has led to the Internet of Things (IoT) becoming a major and actual security concern. To assess the effective security status of the so-called smart devices that make up the IoT, security researchers need to reverse engineer them – something that often isn’t trivial thanks to poor documentation…
-
VB2016 paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks
Security researchers have a complicated relationship with attribution. On the one hand, for technical analyses, it doesn’t matter whether an attack was performed by a Bear, a Panda or an Eagle, and whether it was Cozy or Fancy. But security research doesn’t exist in a void, and in an era where the overlap with geopolitics…
-
VB2016 paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks
Security researchers have a complicated relationship with attribution. On the one hand, for technical analyses, it doesn’t matter whether an attack was performed by a Bear, a Panda or an Eagle, and whether it was Cozy or Fancy. But security research doesn’t exist in a void, and in an era where the overlap with geopolitics…
-
Throwback Thursday: The Politics of Anti-Virus
The United States has a new president-elect, and now both the citizens of the US and the rest of the world wait with bated breath to find out what changes the Trump presidency will bring. In his campaigning, President-Elect Trump made a number of references to cybersecurity, promising that he would make cybersecurity a top…
-
Throwback Thursday: The Politics of Anti-Virus
The United States has a new president-elect, and now both the citizens of the US and the rest of the world wait with bated breath to find out what changes the Trump presidency will bring. In his campaigning, President-Elect Trump made a number of references to cybersecurity, promising that he would make cybersecurity a top…
-
VB2016 paper: The TAO of Automated Iframe Injectors – Building Drive-by Platforms For Fun
VB2016 took place almost two weeks ago, since when we have had many requests to publish the papers presented at the conference, as well as the videos of those presentations. Virus Bulletin is all about bringing security experts together and making relevant information accessible to them and for that reason, subject to authors’ permission, we…
-
VB2016 paper: The TAO of Automated Iframe Injectors – Building Drive-by Platforms For Fun
VB2016 took place almost two weeks ago, since when we have had many requests to publish the papers presented at the conference, as well as the videos of those presentations. Virus Bulletin is all about bringing security experts together and making relevant information accessible to them and for that reason, subject to authors’ permission, we…
-
“Cybersecurity is, at its core, a people problem,” says VB2016 keynote speaker
Christine Whalley is the director of governance and IT risk management at Pfizer , the American global pharmaceutical corporation headquartered in New York City. Not only does Christine possess a wealth of experience in managing IT risk and governance, she is also a keen educator. Christine has been hand-picked by the Virus Bulletin team to…