Tag: paper

  • VB2018 paper: The dark side of WebAssembly

    With this year’s very successful Virus Bulletin Conference (VB2018) now behind us, we plan to continue the tradition of publishing most of the papers and videos of the presentations. We start with ‘The Dark Side of WebAssembly’, a paper by Symantec researchers Aishwarya Lonkar and Siddhesh Chandrayan that was part of the conference proceedings but,…

  • Paper: EternalBlue: a prominent threat actor of 2017–2018

    A little over a year ago, one of the defining security events of the decade occurred: the WannaCry outbreak, a damaging and destructive cyber attack that hit the UK’s National Health Service particularly hard. The high infection rate of WannaCry was in large part thanks to its implementation of ‘EternalBlue’, an exploit of a remote…

  • VB2017 preview: Hacktivism and website defacement: motivations, capabilities and potential threats

    In March this year, following a political row between the Netherlands and Turkey, a large number of Dutch websites were defaced to display messages in support of the Turkish government. It was another example in a growing trend of socio-politically motivated attackers defacing websites, or performing other kinds of hacks, to spread their message. For…

  • VB2016 paper: BlackEnergy – what we really know about the notorious cyber attacks

    In a blog post published on Friday, ESET researcher Anton Cherepanov provides evidence linking last week’s (Not)Petya attacks to the BlackEnergy group; Kaspersky researchers also believe there is some evidence the two are linked, though they say there are only low confidence indicators. Going back at least a decade, and likely cybercriminal in origin, the…

  • VB2016 paper: Uncovering the secrets of malvertising

    In his VB2014 paper, Bromium researcher Vadim Kotov sketched the possibilities for malicious actors to use web ads to spread exploit kits. Unsurprisingly, malicious actors also spotted those possibilities, and the advertisement ecosystem has become such a big attack surface that many security experts advise the running of ad-blockers to enhance security. Today, we…

  • VB2016 paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks

    Security researchers have a complicated relationship with attribution. On the one hand, for technical analyses, it doesn’t matter whether an attack was performed by a Bear, a Panda or an Eagle, and whether it was Cozy or Fancy. But security research doesn’t exist in a void, and in an era where the overlap with geopolitics…