Tag: vb2017
-
VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server
Few readers of this blog will believe that there aren’t any security issues with Apple’s macOS operating system, a point made rather unsubtly by yesterday’s discovery of a flaw that lets anyone log into a computer running macOS High Sierra – as the root user, no less. Those who have been following Patrick Wardle’s…
-
VB2017 video: FinFisher: New techniques and infection vectors revealed
Over the last few years, the infamous FinFisher government spyware (already the subject of a VB2013 paper) has done a good job of staying under the radar. Recently, however, it made the news because of its use of the then zero-day CVE-2017-8759 and the likely involvement of ISPs in targets getting infected. In a…
-
VB2017 paper: Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale
Malicious Internet traffic, such as botnet C&C traffic, is easily recognized if it uses known bad domain names, or known bad IP addresses. This is why botnets constantly change the domain names, and often also the IP addresses they use, thus trying to stay one step ahead of the defenders. Enter big data: infected devices…
-
VB2017 video: Consequences of bad security in health care
“You are probably asking yourselves what a nurse is doing at a cybersecurity conference. Trust me, my colleagues are even more surprised, because they truly believe that hospitals have the best security ever.” Thus Jelena Milosevic, a nurse with a passion for IT security, began her VB2017 presentation, ‘Consequences of bad…
-
VB2017 paper: The (testing) world turned upside down
Few subjects are as hotly debated within the security community as the testing of security software. Virus Bulletin has been at the core of many of these debates, both as a company with two decades’ worth of experience testing security software and as a facilitator through the Bulletin and our conference. At VB2017 in Madrid,…