VB Migration

Mindblown: a blog about philosophy.

  • VB2017 video: Consequences of bad security in health care

    ” You are probably asking yourselves what a nurse is doing at a cybersecurity conference. Trust me, my colleagues are even more surprised, because they truly believe that hospitals have the best security ever. ” Thus Jelena Milosevic , a nurse with a passion for IT security, began her VB2017 presentation , ‘Consequences of bad…

  • Vulnerabilities play only a tiny role in the security risks that come with mobile phones

    Last week saw yet another successful edition of Mobile Pwn2Own , the contest in which participants are challenged to attack fully patched mobile devices using previously unknown vulnerabilities. Contests like these, and their desktop equivalents, serve two purposes: device manufacturers have vulnerabilities responsibly disclosed to them, while offensive security researchers are able to show off…

  • Vulnerabilities play only a tiny role in the security risks that come with mobile phones

    Last week saw yet another successful edition of Mobile Pwn2Own , the contest in which participants are challenged to attack fully patched mobile devices using previously unknown vulnerabilities. Contests like these, and their desktop equivalents, serve two purposes: device manufacturers have vulnerabilities responsibly disclosed to them, while offensive security researchers are able to show off…

  • VB2017 paper: The (testing) world turned upside down

    Few subjects are as hotly debated within the security community as the testing of security software. Virus Bulletin has been at the core of many of these debates, both as a company with two decades’ worth of experience testing security software and as a facilitator through the Bulletin and our conference. At VB2017 in Madrid,…

  • VB2017 paper: The (testing) world turned upside down

    Few subjects are as hotly debated within the security community as the testing of security software. Virus Bulletin has been at the core of many of these debates, both as a company with two decades’ worth of experience testing security software and as a facilitator through the Bulletin and our conference. At VB2017 in Madrid,…

  • VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

    Trickbot, first reported a year ago by Malwarebytes researcher Jérôme Segura as the successor of Dyre/Dyreza, has become perhaps the most important banking trojan of 2017. It is known for its regular updates, with its use of SMB for lateral movement particularly noteworthy. Symantec ‘s Director of Threat Research Andrew Brandt is one of many…

  • VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

    Trickbot, first reported a year ago by Malwarebytes researcher Jérôme Segura as the successor of Dyre/Dyreza, has become perhaps the most important banking trojan of 2017. It is known for its regular updates, with its use of SMB for lateral movement particularly noteworthy. Symantec ‘s Director of Threat Research Andrew Brandt is one of many…

  • Paper: FAME – Friendly Malware Analysis Framework

    As someone who spends most of his time talking to people who work for security vendors, I am always impressed by the amount of security research that takes place in the real world, at companies and organizations large enough to have teams dedicated to analysing the threats they are facing. One such company is the…

  • Paper: FAME – Friendly Malware Analysis Framework

    As someone who spends most of his time talking to people who work for security vendors, I am always impressed by the amount of security research that takes place in the real world, at companies and organizations large enough to have teams dedicated to analysing the threats they are facing. One such company is the…

  • Ebury and Mayhem server malware families still active

    Whether it is to send spam or to redirect web traffic to malicious payloads, compromised ( Linux ) web servers are the glue in many a malware campaign. Two such networks of compromised servers – about which VB has published papers in the past – have recently received updates. The paper ‘Operation Windigo’ ( pdf ) was…

Got any book recommendations?

Get In Touch