- VB2017 paper: Modern reconnaissance phase on APT – protection layer
During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid, two of those researchers, Paul Rascagneres and Warren Mercer, presented a paper detailing five case studies that demonstrate how the infection vector is evolving. Today we publish both Paul and Warren's paper and the recording of their presentation.
- VB2017 paper: Peering into spam botnets
At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.
- Throwback Thursday: Anti-malware testing undercover
We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.
- Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers
As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their career in the industry - which is why we have relaunched the VB Security Jobs Market.
- VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server
At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.
- Tizi Android malware highlights the importance of security patches for high-risk users
Researchers from Google have taken down 'Tizi', an Android malware family that used nine already-patched vulnerabilities to obtain root on infected devices.
- Virus Bulletin to attend AMTSO, AVAR and Botconf
Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.
- VB2017 video: FinFisher: New techniques and infection vectors revealed
Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.
- Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years
We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.
- VB2017 paper: Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale
At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.