  • More than two million home routers have ‘wide open backdoor’

    Default password makes vulnerability easy to exploit. Researchers at Trend Micro have discovered an easy-to-exploit backdoor in routers from Chinese manufacturer Netcore, that allows an attacker to take almost complete control of the device, with very little that users can do to protect themselves. The backdoor consists of the router listening on UDP port…

  • VB2014 preview: Duping the machine – malware strategies, post sandbox detection

    James Wyke looks at four different decoy methods. In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we will look at some of the research that will be presented at the event. Today, we look at the paper ‘Duping the machine – malware strategies, post sandbox detection’, from Sophos…

  • Paper: Bird’s nest

    Raul Alvarez studies the Neshta prepending file infector. File infectors can be categorized by how they attach themselves to the host file. A cavity virus attaches itself to the available spaces in the host file; an appending virus attaches its code at the end of a file; and a prepending virus does so at the…

  • VB2014 preview: Labelling spam through the analysis of protocol patterns

    Andrei Husanu and Alexandru Trifan look at what TCP packet sizes can teach us. In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we will look at some of the research that will be presented at the event. Today, we look at the paper ‘Labelling spam through the analysis of…

  • VB2014 preview: Optimized mal-ops. Hack the ad network like a boss

    Researchers Vadim Kotov and Rahul Kashyap to discuss how advertisements are the new exploit kits. In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we will look at some of the research that will be presented at the event. In the second of this series, we look at the paper ‘…

  • Guest blog: Cyber insurance, is it for you?

    Sorin Mustaca looks at how companies trading online can insure the risks they run. Throughout its 25 year history, Virus Bulletin has regularly published technical analyses of the latest threats and defensive methods, and will continue to do so (with the material now available free of charge). We will also continue to post thought-provoking…

  • Google to take tough stance on homoglyph attacks

    Good idea, but unlikely to have a huge impact. Ever since internationalized domain names (IDNs) were introduced in the last decade, allowing people to use non-ASCII characters in domain names, many in the security field have been expressing their concern about ‘homoglyph attacks’ (sometimes called homograph attacks). In such attacks, characters in…

  • VB2014 preview: P0wned by a barcode

    Fabio Assolini to speak about malware targeting boletos. In the weeks running up to VB2014, we will look at some of the research that will be presented at the conference. In the first of this series, we look at the paper ‘P0wned by a barcode: stealing money from offline users’, from Kaspersky…

  • Paper: Inside the iOS/AdThief malware

    75,000 jailbroken iOS devices infected with malware that steals ad revenues. Believing that the device or operating system you use reduces your chance of being affected by malware is generally a bad idea, but those using iOS have the numbers on their side: malware targeting Apple’s mobile platform is very rare. But very rare…

  • $83k in bitcoins ‘stolen’ through BGP hijack

    Short-lived network changes used to make miners connect to rogue pool. Researchers at Dell SecureWorks have discovered an operation that used BGP hijacking to force bitcoin miners to connect to mining pools under the attackers’ control, thus gaining them a lot of extra mining power and, ultimately, about $83,000 in bitcoins. New bitcoins are constantly…
