25 matches found
Little Crumbs Can Lead To Giants
This week is the Virus Bulletin Conference in London. Part of the conference is the Cyber Threat Alliance summit, where CTA members like Rapid7 showcase their research into all kinds of cyber threats and techniques. Traditionally, when we investigate a campaign, the focus is mostly on the code of...
Talos takes home top research honors at Virus Bulletin conference
By Jon Munshaw Researchers from Cisco Talos brought up the top award at this year’s Virus Bulletin conference. Talos received the Péter Ször Award — named for the prolific security researcher who was a longtime contributor to Virus Bulletin and passed away in 2013 — for our research into several...
Threat Source newsletter (Aug. 22)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. A lot of people may think that cyber insurance is this new, unexplored field that carries a lot of questions. But did you know that thes...
Say hello to Lord Exploit Kit
Just as we had wrapped up our summer review of exploit kits, a new player entered the scene. Lord EK, as it is calling itself, was caught by Virus Bulletin's Adrian Luca while replaying malvertising chains. In this blog post, we do a quick review of this exploit kit based on what we have collecte...
Beers with Talos EP 39: VB 2018 Rundown and Prevalent Problems with PDF
Beers with Talos BWT Podcast Ep. 39 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Ep. 39 show notes: Recorded Oct. 5, 2018 - We start out with a quick chat to get to know this week’s special guests from the Talo...
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin 2018, held in Montreal Oct. 3-5, featured a keynote from Microsoft’s John Lambert and a range of threat intelligence research from BAE Systems, Check Point, Cisco Talos, Citizens Lab, Digita Security, ESET, GoSecure, Kaspersky Lab, Malwarebytes, Sophos Security and more...
Virus Bulletin Publication And Presentation
Virus Bulletin conference is a well regarded intimate technical conference focused on malware research. It provides a good balance between listening to technical talks and spending time exchanging experiences with colleagues from different companies; all working on the same task of making our...
Inside the CCleaner Backdoor Attack
MADRID—As the investigation continues into the backdoor planted inside CCleaner, two members of parent company Avast’s threat intelligence team said today the desktop and cloud versions of the popular software contained different payloads. The revelation was made during a talk at Virus Bulletin...
On Virus Bulletin, APT False Flags, and the NSA Contractor Arrest
Mike Mimoso and Chris Brook discuss this week’s Virus Bulletin conference in Denver and CNBC’s Cambridge Cyber Summit at MIT, the NSA contractor arrest, APT false flags, and more. Download: ThreatpostNewsWrapOctober72016.mp3 Music by Chris Gonsalves...
Martijn Grooten on the Anti-Virus Industry, This Year's Virus Bulletin Conference, and More
Virus Bulletin’s Martijn Grooten joins Ryan Naraine on the podcast to talk about the changing face of the anti-virus industry, the emergence of APTs as a priority for anti-malware researchers and the highlights of the 25th annual VB Conference. Download: martijngrooten10915.mp3 Music by Chris...
Deadly Simple Exploit Bypasses Apple Gatekeeper Security to Install Malicious Apps
Apple Mac Computers are considered to be invulnerable to malware, but the new Exploit discovered by security researchers proves it indeed quite false. Patrick Wardle, director of research at security firm Synack, has found a deadly simple way that completely bypass one of the core security featur...
FireFox file stealing 0day vulnerability has been hacked“real”use, the official emergency release to fix patch-bug warning-the black bar safety net
In Russia a web site, the researchers found a Firefox serious 0day exploits program Exp code, you can steal Windows and Linux users on the computer file. This security event is forcing Mozilla to the official emergency release patch. Vulnerability description The vulnerability is caused by the...
FBI to Open Up Malware Investigator Portal to External Researchers
SEATTLE–The FBI has developed an internal malware-analysis tool, somewhat akin to the systems used by antimalware companies, and plans to open the system up to external security researchers, academics and others. The system is known as Malware Investigator and is designed to allow FBI agents and...
AdThief iOS Malware Affecting 75K Jailbroken Devices
A relatively new form of malware on iOS is estimated to have stolen revenue from 22 million ads and infected upwards to 75,000 devices so far. The malware, iOS/AdThief, was first identified back in March but wasn’t fully articulated until Axelle Aprville, a researcher with Fortinet, looked into t...
Ryan Naraine on Virus Bulletin 2013, Zero Days and Cyberwarfare
Dennis Fisher talks with Ryan Naraine about the news from the Virus Bulletin 2013 conference, whether the use of zero days is overrated and the collateral damage that can result from cyberwarfare attacks. Download: digitalunderground128.mp3...
Researchers Analyzing Attack Patterns With Cloud-Based Malware Data
BARCELONA–Successful targeted attacks against companies such as RSA, Google and others have made huge splashes in the news in the last year or two and drawn a lot of attention to the phenomenon. But it’s not just the successful attacks that are interesting, security researchers say. In many cases...
TDL4 Rootkit Bypasses Windows Code-Signing Protection
In recent versions of Windows, specifically Vista and Windows 7, Microsoft has introduced a number of new security features designed to prevent malicious code from running. But attackers are continually finding new ways around those protections, and the latest example is a rootkit that can bypass...
All Eyes On Stuxnet At Annual Virus Researcher Summit
The world will know more about the mysterious Stuxnet virus by week’s end, after top virus researchers reveal the findings of their post mortem on Stuxnet at the annual Virus Bulletin Conference. HED: All eyes on Stuxnet at annual virus researcher summit DEK: Researchers will reveal new details...
Despite Security Hiccups, IE6 Usage Still High
Despite widespread calls to boycott IE 6 and Microsoft‘s plans to retire support for the browser, 19% of respondents in a Virus Bulletin poll said that they are still running the browser, whether at home, at work, or both. In VB‘s poll, 15% of respondents said they were running the browser at wor...
Talking Twitter Malware with Costin Raiu
On the heels of yet another Twitter phishing attack, Threatpost editor Ryan Naraine chats with Kaspersky Lab malware researcher Costin Raiu about a new "Krab Krawler" project that pinpoints signs of malicious activity on Twitter. Raiu introduced the project at this year’s Virus Bulletin conferenc...