VB Migration

Category: blog

  • Throwback Thursday: What DDoS it all Mean?

    This Throwback Thursday, we turn the clock back to March 2000, when DDoS attacks were a newly emerging menace. Today, DDoS attacks are a well-known form of cyber abuse — indeed, even this week, Swiss encrypted webmail provider ProtonMail has been the target of a sustained DDoS attack. In early 2000, however, DDoS attacks were…

  • The Internet of Bad Things, Observed

    In his VB2015 keynote address, Ross Anderson described attacks against EMV cards. The VB2015 opening keynote by Ross Anderson could hardly have been more timely. In his talk “The Internet of Bad Things, Observed”, the Cambridge professor looked at various attacks against the EMV standard for payment cards — attacks that have been used to…

  • Full house in VB’s latest spam filter test

    All participating full solutions earn VBSpam certification, while little delay is observed in spam filters. There is good news for those who rely on spam filters — which means everyone who uses email — as for the first time since July 2014, all participating full anti-spam solutions achieved a VBSpam award in VB ‘s latest…

  • Throwback Thursday: Inside Sony’s rootkit

    This Throwback Thursday, we turn the clock back ten years, when the discovery of a rootkit ignited a firestorm of criticism for Sony. Rootkits are common among modern malware, and it seems hard to believe that ten years ago they were a little known phenomenon — that was until the discovery of the Sony rootkit…

  • Paper: Shifu — the rise of a self-destructive banking trojan

    Thorough analysis of this new kid on the malware block. Times are changing rapidly for banking trojans. Some prominent arrests and at least partially successful takedowns have left space for new criminal entrepreneurs in this malicious, yet highly profitable market. ‘Shifu’ seems to have filled part of this space. First mentioned publicly by IBM in…

  • Hack.lu 2015

    Great research presented in a stimulating environment. I had heard many good stories about previous Hack.lu conferences, so I was excited this year to finally be able to make it to Luxembourg itself, where the conference took place in a hotel just outside the country’s eponymous capital. With more than 400 people in attendance, the…

  • Throwback Thursday: Memetic Mass Mailers: Time to Classify Hoaxes as Malware?

    This Throwback Thursday, we turn the clock back to July 2002, when virus hoaxes were wreaking havoc in homes and organizations worldwide. Virus hoaxes — false reports or warnings about non-existent viruses whose traditional payload was time wasting and increasing user anxiety about the virus threat, but which could also extend to getting the user…

  • Throwback Thursday: The real virus problem

    This Throwback Thursday, we turn the clock back to February 2004 when, in order to get a gauge of the “real” virus problem, Jim Bates presented the findings of a survey of UK computer programmers. “A ragbag of pseudo-scientific projections, surveys, reports, forecasts and speculations” — the true extent of the malware problem has always…

  • Paper: MWI-5: Operation HawkEye

    Gabor Szappanos looks at how macro malware campaigns spread a commercial keylogger to harvest banking details. Macro malware was a plague in the late 1990s, when Microsoft Office executed macros by default, making the writing of computer viruses literally child’s play. Macro execution has long been disabled by default, but in the last two years,…

  • Throwback Thursday: Misguided or malevolent? New trends in virus writing

    This Throwback Thursday, we turn the clock back to February 2004 when Stuart Taylor wondered whether there was truly a criminal element entering virus writing. These days, no one would argue that there wasn’t a criminal element in virus writing — cybercrime is big business and has evolved into a truly organized crime ecosystem. On…