VB Migration

Mindblown: a blog about philosophy.

  • VB2015 preview: advanced persistent threats

    Several conference papers to deal with targeted attacks. There was a time when analyses of malware and viruses at the Virus Bulletin conference used the number of infections as a measure of the harm done. And while there are still many talks on what is now referred to as ‘opportunistic malware’, targeted attacks, or APTs,…

  • Throwback Thursday: The Virus Analyst Headache

    This Throwback Thursday, we turn the clock back to April 1999, when the average virus analyst had to manually process around ten or more viruses per day, and the growing complexity and volume of viruses was proving a headache. By the early years of the 21st century, the volume of malware was such that no…

  • Back to the future: anti-virus engines and sandboxes

    Szilard Stange makes the case for multi-engine malware scanning. The VB2015 conference takes place next month (30 September to 2 October) in Prague, with an exciting programme that covers many of today’s most pertinent security-related topics. In the run-up to the event, we have invited each of the VB2015 sponsors to write a guest post…

  • Catch rates bounce back in latest spam filter test

    Products defy prediction of tougher circumstances. When spam levels were recently reported to have dropped below 50% for the first time in 12 years, I wrote that it was ‘not necessarily good news for spam filters’: as spam filtering is almost entirely reactive, spam campaigns of smaller size are more likely to stay under the…

  • Paper: Life after the apocalypse for the Middle Eastern NJRat campaign

    Malware authors upped their game following 2014 disruption of No-IP. In June last year, somewhat controversially Microsoft moved against dynamic DNS provider No-IP and seized 22 of its domains, subdomains of which were used to spread and control the NJRat (also known as Bladabindi) and NJw0rm (also known as Jenxcus) malware families, both of which…

  • Throwback Thursday: IT Security Breaches: The 1994 NCC Survey

    This Throwback Thursday, we turn the clock back to November 1994, when VB asked: what is the nature of the real virus problem, and how much does it cost? Year after year, we see reports and surveys revealing the latest cybercrime figures and statistics — in 2015, respondents to PwC ‘s Global State of Information…

  • VB2015 preview: the Internet of Things

    Experts to cover various aspects of IoT (in)security in a range of talks. As a reader of this blog, and hopefully as someone who will attend VB2015 , you don’t need to be told that more and more devices are being connected to the Internet, nor that this comes with some security issues. And while…

  • File-stealing vulnerability found in Firefox PDF reader

    Both Windows and Linux users actively being targeted. If, like me, you are suffering from vulnerability fatigue after so many flaws and weaknesses having been disclosed in Las Vegas this week, you may be tempted to ignore the advisory Mozilla released yesterday. However, I strongly advise you don’t. The company says it has been made…

  • Paper: Hype heuristics, signatures and the death of AV (again)

    David Harley responds to anti-malware’s many criticasters. Anti-virus is dead. After all, in the current threat landscape, who would use a system that relies on signatures of previously seen malware? At least, that’s what many security experts claim. ESET Senior Research Fellow David Harley has a long history in the security industry — so long…

  • Throwback Thursday: Palm Breach

    This Throwback Thursday, we turn the clock back to July 2000, when concerns were growing about malicious threats to the Palm Personal Digital Assistant. In the 1980s, no one left home without their Filofax. Today, of course, almost no one leaves home without their smartphone, but in 2000 the must-have pocket device was the Personal…

Got any book recommendations?

Get In Touch