Tag: vb2019
-
VB2019 paper: Geost botnet. The story of the discovery of a new Android banking trojan from an OpSec error
OpSec mistakes are what lead to many malware discoveries, but in the case of the Geost Android botnet the mistake was a really interesting one: its operators were using another botnet, HtBot, to manage infected devices, not realising that researchers were analysing some HtBot-infected hosts. This led researchers Sebastian García, Maria Jose Erquiaga and Anna…
-
Analysis of malware responsible for sextortion spam that mines for Monero on the side
Reason Cybersecurity was one of the Platinum partners of VB2019. After a guest blog post published earlier this month, their researchers have written an analysis of malware they call ‘Save Yourself’. The malware is responsible for sending a large number of spam emails as part of a sextortion campaign, where the goal is to trick…
-
Guest blog: Threat intelligence – a unifying force of the future
In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence. The advent of the Internet and Internet-enabled technologies not only ushered in the era of cyberattacks, but it also influenced the development of complex systems that are frustratingly and increasingly difficult to secure and protect against these attacks.…
-
Guest blog: Why we should be paying more attention to Linux threats
In a guest blog post VB2019 Silver partner Intezer outlines the importance of paying more attention to Linux threats. In a previous blog post written for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC), we discussed the emergence of Linux-based threats. This threat ecosystem is heavily concentrated with financially driven cryptominers and…
-
Programme for VB2019 Threat Intelligence Practitioners’ Summit announced
In its almost 30-year history, the Virus Bulletin Conference has evolved to become perhaps the most international threat intelligence event of the year. This is yet again reflected in this year’s conference programme, which features speakers from around the globe who will come to London to discuss the latest threats and the tools to analyse…
-
Guest blog: TotalAV uncovers the world’s first ransomware
In a guest blog post by VB2019 Silver partner TotalAV, Matthew Curd, the software’s Technical Expert, considers the changes in the cybersecurity landscape. Rediscovered in an old storage box amongst a collection of old magazines, a five-and-a-quarter-inch floppy was brought into the Protected.net office in late June – dated 1989. The disk, older than…
-
VB2019 preview: Small Talks
Those who attend security conferences know the importance of ‘hallcon’: the conversations that take place in the corridors in between sessions or sometimes between people who have sneaked out of the talks. Hallcon has long been an important part of the Virus Bulletin Conference and four years ago we formalised this by setting up a…
-
VB2019 preview: Problem child: common patterns in malicious parent-child relationships
Living-off-the-land binaries, often referred to as LOLbins, are legitimate (Windows) binaries used for malicious purposes. Their use has increased in malware campaigns in recent years and serves as a reminder that a defensive approach focused purely on detecting malicious binaries is outdated. Thus rather than focus on the binaries themselves, it is important…
-
VB2019 preview: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry
Half a decade ago, breaches of point-of-sale (POS) systems were a real plague, especially in North America, with the 2013 Target breach perhaps the best known example. Though credit card theft through POS hacks hasn’t completely disappeared, today’s skimmers largely act online, using JavaScript to insert skimmers into websites’ payment pages. The more than a…
-
VB2019 call for last-minute papers closes on Sunday (1 Sept)
The majority of the VB2019 programme was announced in April, and though we like to see VB as a conference that looks beyond the hype, we are more than a little proud that several of the talks have made the security news in recent months: from Operation Soft Cell to the Machete APT group and…