Category: blog

  • Paper: Beta exploit pack: one more piece of crimeware for the infection road!

    Exploit kit currently being tested focuses primarily on Flash Player exploits. Nuclear, Angler, Magnitude and Rig. Security researchers know we’re talking about exploit kits (or browser exploit packs), toolkits that automate the exploitation of client-side vulnerabilities and thus facilitate infection through drive-by downloads. Today, we publish an article by researchers Aditya K. Sood and Rohit…

  • Throwback Thursday: Macro Viruses & The Little Virus That Could…

    This Throwback Thursday, we turn the clock back to 1999, when Melissa was causing havoc across the globe and VB presented a series of articles detailing all you ever wanted to know about macro viruses but were afraid to ask. Until recently, macro viruses were a thing of the past — true ‘retro’ viruses (as…

  • Virus Bulletin announces ‘Small Talks’ for VB2015

    Smaller, more informal format ideal for discussion and debate. When, a few months ago, we announced the programme for VB2015, we promised ‘a number of added extras’. We have already announced student tickets, which should allow those in full-time education to attend the conference at a significantly reduced price. Today, we are pleased to…

  • Throwback Thursday: Virus Writers

    This Throwback Thursday, we bring you a series of articles from the archives that looked at virus writers, asking ‘who are they?’, ‘why do they do it?’, and other pertinent questions. Recent years have seen a huge shift in malware writing – gone are the days of script kiddies and the lonely teenager wanting his…

  • Vawtrak uses Tor2Web to connect to Tor hidden C&C servers

    Option hides the servers, without having to include a Tor client in the malware. The authors of the Vawtrak trojan (also known as Neverquest) have moved some of its C&C servers to Tor hidden services and made the malware use Tor2Web to connect to them, Fortinet researcher Raul Alvarez writes. The use of hidden…

  • Duqu 2.0 found to target security company

    Advanced malware also targeted venues linked to Iranian nuclear negotiations. There are some security stories you couldn’t make up. The authors of an advanced malware tool have used a new version of that same tool to target a security company that played a prominent role in the discovery and analysis of the original version of…

  • London calling!

    Infosecurity Europe, BSides London and the Security Bloggers Meetup. June is the new April, at least for the security industry, as its traditional get-together in London (Infosecurity Europe) has been moved from the last week of April to the first week of June. Infosecurity Europe is primarily a trade show, so it is…

  • Paper: On the beat

    Kevin Williams looks back at UK law enforcement successes at combating cybercrime. In a recent Throwback Thursday article, we looked back at the sentencing of self-confessed virus writer Christopher Pile almost 20 years ago. Pile was the first person in the UK to be given a custodial sentence for writing and distributing computer viruses. He…

  • Throwback Thursday: Research and Other Hobbies

    This Throwback Thursday we reflect on the life of one of the industry’s greats, who sadly passed away this week: Prof. Klaus Brunnstein. Professor Klaus Brunnstein was one of the biggest names in anti-virus research, a pioneer in the field, and a man whose career was never short of either controversy or success. We were greatly…

  • Weak keys and prime reuse make Diffie-Hellman implementations vulnerable

    ‘Logjam’ attack possibly used by the NSA to decrypt VPN traffic. A group of researchers have discovered a number of vulnerabilities in the way the Diffie-Hellman key exchange protocol is deployed and have demonstrated an attack (dubbed ‘Logjam’) that exploits these vulnerabilities. Diffie-Hellman is used by two entities (typically referred to as Alice…