Mindblown: a blog about philosophy.
-
Paper: VBA is not dead!
Gabor Szappanos looks at the resurgence of malicious VBA macros that use social engineering to activate. Macro malware had long been assumed dead. After all, macros are disabled by default in modern versions of Microsoft Office , which means they do not automatically execute upon opening a file. However, macro malware has recently made a…
-
‘Cyber attack on hedge fund’ turns out to be internal ‘scenario’ used by BAE Systems
Story that appeared to be taken from fiction turns out… to have been fiction. Two weeks after BAE Systems reported its technicians had thwarted an attack against hedge fund servers, the company has fessed up to the fact that this was not a real event, merely a ‘scenario’ used by experts within the company. The…
-
Paper: Obfuscation in Android malware, and how to fight back
Axelle Apvrille and Ruchna Nigam look at both off-the-shelf products and custom obfuscation techniques. After a relatively slow start, in recent years mobile malware has really taken off. In many ways, mobile malware has followed the same path as taken by malware targeting desktop PCs. We have seen mobile adware, spyware, fake anti-virus, banking trojans,…
-
Virus Bulletin celebrates 25th birthday by making all content free
Neither subscription nor registration required to access content. Happy birthday Virus Bulletin ! Today it is exactly 25 years since, in the very first issue of Virus Bulletin , Editor Edward Wilding wrote: “We aim to provide PC users with a regular source of intelligence about computer viruses, their prevention, detection and removal, and how…
-
Exploit kit requires link to be clicked before redirection
Automatic analysis of malicious payloads becomes a little bit harder again. A security researcher at ESET has discovered how a malicious site serving the Angler exploit kit prevents automatic analysis by making a user click a link before being redirected to the exploit kit. Having spent many hours during the past two years building a…
-
Cheap Android phone comes shipped with spyware
Trojan masquerades as Google Play app; cannot be removed. Researchers at German security firm G Data have discovered Android smartphones that come shipped with spyware. The phone is the N9500 from Chinese manufacturer Star , which appears to be very similar to the popular Samsung S5 , but with a much lower price tag. Following…
-
Virus Bulletin seeks security researchers
Would you like to publish your research through Virus Bulletin – or perhaps even work for us? As of 1 July, all Virus Bulletin content will be freely available to everyone. This should be of interest for more reasons than simply saving the annual subscription fee. I recently spoke to a long-time Virus Bulletin reader…
-
Game over for GameOver Zeus botnet?
Coordinated effort against gang that’s also behind CryptoLocker ransomware. A large, coordinated effort involving law enforcement, security vendors and various security researchers, has caused serious disruption to both the GameOver Zeus botnet and the CryptoLocker ransomware. GameOver Zeus is a particularly sophisticated variant of the Zeus trojan. Rather than a centralised command and control infrastructure,…
-
Virus Bulletin announces Péter Ször Award
‘Brilliant mind and a true gentleman’ commemorated through annual award for technical security research. In commemoration of the life and work of security researcher Péter Ször, who passed away in November, Virus Bulletin has introduced an annual award which will be known as the “Péter Ször Award”. The award will recognise the best piece of…
-
1 in 500 secure connections use forged certificate
For reasons ranging from relatively good, to actual malware. Researchers from Facebook and Carnegie Mellon University have published a paper ( PDF ) in which they show that out of a sample of over 3 million secure connections to Facebook , 0.2% used a forged SSL certificate. SSL and its successor TLS are encryption protocols…
Got any book recommendations?