  • New paper: Collector-stealer: a Russian origin credential and information extractor

    Collector-stealer, a piece of malware of Russian origin, is heavily used on the Internet to exfiltrate sensitive data from end-user systems and store it in its C&C panels. In a new article, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of the Collector-stealer malware to unearth hidden artifacts covering binary analysis,…

  • VB2021 localhost videos available on YouTube

    Today, VB has made all VB2021 localhost presentations available on VB’s YouTube channel, so you can now watch – and share – any part of the conference freely and without registration. The VB2021 / Live track playlist contains the two live broadcasts presented by our host Angela Lamont, each of which features eight presentations…

  • VB2021 localhost is over, but the content is still available to view!

    VB2021 localhost – VB’s second virtual, and entirely free to attend VB conference – took place last week and was a great success. If you missed it, don’t worry, the content is still available to view. You can rewind and watch the two live broadcasts, each of which features eight presentations and live Q&A with…

  • VB2021 localhost call for last-minute papers

    Have you analysed a brand new online threat? Are you involved in cutting edge security research? Are you tasked with securing systems and fending off attacks and developing new ways of working? The call for last-minute papers for VB2021 localhost is now open and we want to hear from you! With threats evolving and research…

  • New article: Run your malicious VBA macros anywhere!

    Office documents have over many decades been used to launch malware, often through macros, embedded content or exploits. Researcher Kurt Natvig wanted to understand whether it’s possible to recompile VBA macros to another language, which could then easily be ‘run’ on any gateway, thus revealing a sample’s true nature in a safe manner. In a…

  • New article: Dissecting the design and vulnerabilities in AZORult C&C panels

    AZORult malware has been around in the wild for a couple of years and is very effective at stealing sensitive information from end‑user systems. In a new article for VB, Aditya K Sood looks at the command-and-control (C&C) design of the AZORult malware, discussing his team’s findings related to the C&C design and some security…

  • VB2021 localhost call for papers: a great opportunity

    Earlier this week VB took the tough decision to cancel the in-person version of VB2021 in Prague. We had really hoped to be able to host an in-person event this year, but with the situation around the global pandemic still so unpredictable we simply couldn’t guarantee that it would be possible – or safe –…

  • New article: Excel Formula/Macro in .xlsb?

    Excel Formula, or XLM – does it ever stop giving pain to researchers? So asks Forcepoint researcher Kurt Natvig. In a follow-up to his previous article on Excel Formula (XF) 4.0 malware, Kurt takes us through his analysis of a new sample using the .xlsb file format. Excel Formula/Macro in .xlsb? Read the paper (HTML)…

  • New article: Decompiling Excel Formula (XF) 4.0 malware

    Office malware has been around for a long time, but until recently Excel Formula (XF) 4.0 was not something researcher Kurt Natvig was very familiar with. In a new article Kurt allows us to learn with him as he takes a deeper look at XF 4.0. Decompiling Excel Formula (XF) 4.0 malware Read the paper…

  • The Bagsu banker case – presentation

    Some time ago, researchers at CSIS Security Group discovered the infrastructure of a “quiet” banking trojan actor that had been targeting German users since at least 2014. At VB2019 CSIS researcher Benoît Ancel gave a talk in which he provided a technical insight into the whole operation: infrastructure, multi-platform trojans, money laundering schemes, and a…
