Tag: conference
-
VB2019 paper: Different ways to cook a crab: GandCrab Ransomware-as-a-Service (RaaS) analysed in depth
Though active for not much longer than a year, GandCrab had been one of the most successful ransomware operations. Running as a Ransomware-as-a-Service scheme, the malware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers. High-level overview of the GandCrab RaaS model. In a paper presented at VB2019 in…
-
VB2019 video: Discretion in APT: recent APT attack on crypto exchange employees
In June, employees at cryptocurrency exchange Coinbase were targeted by emails linking to a website that used two zero-day vulnerabilities in the Firefox browser to deliver macOS malware. The malware, dubbed ‘NetWire’, had previously been known but the exploit allowed it to bypass built-in protections against it. The NetWire sample was analysed by regular VB…
-
Programme for VB2019 Threat Intelligence Practitioners’ Summit announced
In its almost 30-year history, the Virus Bulletin Conference has evolved to become perhaps the most international threat intelligence event of the year. This is yet again reflected on this year’s conference programme, which features speakers from around the globe who will come to London to discuss the latest threats and the tools to analyse…
-
VB2019 preview: Small Talks
Those who attend security conferences know the importance of ‘hallcon’: the conversations that take place in the corridors in between sessions or sometimes between people who have sneaked out of the talks. Hallcon has long been an important part of the Virus Bulletin Conference and four years ago we formalised this by setting up a…
-
VB2019 preview: Problem child: common patterns in malicious parent-child relationships
Living-off-the-land binaries, often referred to as LOLbins, are legitimate ( Windows ) binaries used for malicious purposes. Their use has increased in malware campaigns in recent years and serves as a reminder that a defensive approach focused purely on detecting malicious binaries is outdated. Thus rather than focus on the binaries itself, it is important…
-
VB2019 preview: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry
Half a decade ago, breaches of point-of-sale (POS) systems were a real plague, especially in North America, with the 2013 Target breach perhaps the best known example. Though credit card theft through POS hacks hasn’t completely disappeared, today’s skimmers largely act online, using JavaScript to insert skimmers into websites’ payment pages. The more than a…
-
VB2019 call for last-minute papers closes on Sunday (1 Sept)
The majority of the VB2019 programme was announced in April, and though we like to see VB as a conference that looks beyond the hype, we are more than a little proud that several of the talks have made the security news in recent months: from Operation Soft Cell to the Machete APT group and…
-
21 organisations partner with VB2019
Three months after we announced the first 14 partners and supporting organisations for VB2019 , the 29th Virus Bulletin Conference, seven more organisations have signed up to support the event. We welcome Avast and Kaspersky as Gold partners. Meanwhile, Endgame , Intel and Qihoo 360 have joined as Silver partners. Microsoft has joined as the…
-
VB2019 preview: Exploring Emotet, an elaborate everyday enigma
Active since 2014, initially as a banking trojan, Emotet has been a plague on the Internet in recent years. Emotet’s core strength is its ability to download other malware, thus giving those in control of it remote code execution on infected systems and networks. Emotet has been the initial infection in many high-profile attacks, in…
-
AfricaHackon 2019: a great event and a reminder that security is global
It was a few years ago that I first learned of AfricaHackon , Africa’s premier IT security conference. It led me to invite Tyrus Kamau, one of the event’s organisers, to speak at VB2017 in Madrid in a presentation that was very well received. This year, this invitation was returned and thus I travelled to…