Category: blog

  • Paying a malware ransom is bad, but telling people never to do it is unhelpful advice

    I’m not usually one to spread panic about security issues, but in the case of the current ransomware plague, I believe that at the very least a sense of great concern is justified. And the threat is unlikely to disappear any time soon. While there are certainly many things we can do to significantly reduce…

  • VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers

    Given the sheer volume of new malware samples discovered every day, security researchers eagerly make use of tools that will help automate their research and analysis. IBM Trusteer researcher Martin Korman wrote one such tool, ‘VolatilityBot’, which extracts malicious code from packed binaries, leveraging the functionality of the Volatility Framework. At VB2015 in Prague,…

  • VB2016 programme announced, registration opened

    We are excited to officially announce the programme for VB2016, the 26th International Virus Bulletin Conference, which will take place in Denver, Colorado, USA 5-7 October this year. Ransomware & malvertising: As every year, the VB2016 programme reflects what is going on in the world of security. With ransomware being such a hot topic, the…

  • New tool helps ransomware victims identify the malware family

    Malware infections are never fun, but ransomware is particularly nasty and the plague doesn’t seem likely to cease any time soon: new families are spotted almost daily. A small silver lining in this dark cloud is the fact that crypto is hard for the bad guys too: they have made many mistakes implementing their encryption…

  • It’s fine for vulnerabilities to have names — we just need not to take them too seriously

    “What’s in a name? That which we call Heartbleed by any other name would be just as malicious.” — William Shakespeare (paraphrased) When OpenSSL vulnerability CVE-2014-0160 was discovered in April 2014, it was about as bad as vulnerabilities get: an attacker could read large chunks of server memory, including passwords and even private keys, merely…

  • Throwback Thursday: The Number of the Beasts

    The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, each month recording the number of incidents of each virus reported to VB in the preceding month. In August 2000, Denis Zenkin, a self-confessed virus…

  • Paper: All Your Meetings Are Belong to Us: Remote Code Execution in Apache OpenMeetings

    The rise of bug bounties in recent years has created an incentive for hackers to hunt for vulnerabilities in a lot of software and services. But what about those software projects that can’t pay bounties, because they are developed by volunteers? Thankfully, some researchers are devoting their time to such projects and to helping them…

  • Throwback Thursday: ‘In the Beginning was the Word…’

    Microsoft has recently introduced a new feature to Office 2016: the ability to block macros, in an attempt to curb the spread of macro malware, which is once again on the rise. Macro viruses first appeared in 1995, at a time when there were over 100 times as many DOS viruses in existence as…

  • VB2016 Call for Papers Deadline

    If you read our blog or follow us on social media, you can’t have missed the fact that the deadline for submissions for VB2016 is 18 March. That’s today! If you haven’t submitted a proposal yet, it’s not too late — you can read the call for papers here or go directly to the abstract…

  • How broken is SHA-1 really?

    Earlier this month, I gave a talk entitled “How Broken Is Our Crypto Really?” at the RSA Conference in San Francisco. In the presentation, I looked at vulnerabilities found in cryptographic protocols and analysed the likeliness of these being exploited in practice. I spent a few minutes talking about SHA-1 and stated that…