Tag: symantec

  • VB2018 paper: The dark side of WebAssembly

    With this year’s very successful Virus Bulletin Conference (VB2018) now behind us, we plan to continue the tradition of publishing most of the papers and videos of the presentations. We start with ‘The Dark Side of WebAssembly’, a paper by Symantec researchers Aishwarya Lonkar and Siddhesh Chandrayan that was part of the conference proceedings but,…

  • VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

    Trickbot, first reported a year ago by Malwarebytes researcher Jérôme Segura as the successor of Dyre/Dyreza, has become perhaps the most important banking trojan of 2017. It is known for its regular updates, with its use of SMB for lateral movement particularly noteworthy. Symantec’s Director of Threat Research Andrew Brandt is one of many…

  • VB2016 paper: One-Click Fileless Infection

    Over the last few years, we have seen a sharp increase in ‘fileless’ infections, where a machine is compromised without a malicious file ever being written to disk. Though not impossible to detect and prevent, they do require a security product. In a paper entitled “One-click fileless infection” presented at VB2016 in Denver, Symantec researchers…

  • Symantec quietly retires PC Tools security product lines

    Sales of Spyware Doctor and other security products end, support to continue for existing users. Symantec has quietly announced the end of life of the PC Tools security product lines, including PC Tools Spyware Doctor, PC Tools Spyware Doctor with Antivirus and PC Tools Internet Security. Users with existing subscriptions will be supported…

  • From spear phishing to watering holes

    Symantec reports increase in ‘watering hole attacks’. Imagine that for some reason you wanted to gain access to my computer. One thing you could do is send me an email with some malware attached, or a link to a site serving malware. That is called spear phishing. Spear-phishing is commonly used in targeted attacks; for…

  • ‘Nitro attacks’ continue

    PoisonIvy trojan sent attached to email warning about the same trojan. Researchers at Symantec report that the ‘Nitro attacks’, which target a number of large companies, many of which are active in the chemical industry, are continuing, using the same methods as before. In the most recent part of this attack, employees of…

  • Spammers exploit internationalized domain names

    Non-Latin characters in URLs used to trick filters. By using internationalized domain names (IDN), spammers manage to avoid detection of URLs in their messages. IDNs were introduced in 2003 and allow for domain names in non-Latin alphabets, such as Russian, Chinese and Arabic, as well as in Latin with diacritics. On top of that, last…