Blog

London calling!

Infosecurity Europe, BSides London and the Security Bloggers Meetup.

June is the new April, at least for the security industry, as its traditional get-together in London (Infosecurity Europe) has been moved from the last week of April to the first week of June.

Infosecurity Europe is primarily a trade show, so it is pretty heavy on sales and marketing (you'll have your buzzword bingo scorecard completed within half an hour), but if you are more interested in the technical side of things, you'll still find plenty of things to enjoy, if only because of the many experts who will be walking around the show floor.

Read more...


Paper: On the beat

Kevin Williams looks back at UK law enforcement successes at combating cybercrime.

In a recent Throwback Thursday article, we looked back at the sentencing of self-confessed virus writer Christopher Pile almost 20 years ago. Pile was the first person in the UK to be given a custodial sentence for writing and distributing computer viruses.

He was, of course, not the last. Today, we publish an article by Kevin Williams of TC-UK, who looks back at a number of successes of the UK's Police Central eCrime Unit (PCeU), which he helped set up in 2008. The PCeU's investigations led to the arrest of several individuals involved in computer crime and, as part of international operations involving security firms and foreign law enforcement agencies, the takedown of a number of botnets.

Read more...


Throwback Thursday: Research and Other Hobbies

This Throwback Thursday we reflect on the life of one of industry's greats, who sadly passed away this week: Prof. Klaus Brunnstein.

Professor Klaus Brunnstein was one of the biggest names in anti-virus resarch, a pioneer in the field, and a man whose career was never short of either controversy or success. We were greatly saddened to learn of his death yesterday, and in honour of a man who contributed so much to the industry, we decided to take another look at an interview with Prof. Brunnstein — in April 1996, VB spoke to him about his background, his career, his views and his home life.

Read more...


Weak keys and prime reuse make Diffie-Hellman implementations vulnerable

'Logjam' attack possibly used by the NSA to decrypt VPN traffic.

A group of researchers have discovered a number of vulnerabilities in the way the Diffie-Hellman key exchange protocol is deployed and have demonstrated an attack (dubbed 'Logjam') that exploits these vulnerabilities.

Diffie-Hellman is used by two entities (typically referred to as Alice and Bob) to agree on a secret key over a public channel. This key can then be used to encrypt and decrypt data using a much faster symmetric key algorithm, such as AES, 3DES or the now obsolete RC4. The protocol is widely used, for instance in SSL/TLS.

Read more...


VB Conference

VB2015 Prague, 30 Sept - 2 Oct 2015: Covering the global threat landscape The VB conference is a major highlight of the security calendar, with many of its regular attendees citing it as the IT security event of the year. The 25th Virus Bulletin International Conference (VB2015) takes place 30 September to 2 October 2015 at the Clarion Congress Hotel, Prague, Czech Republic.

Previous VB conference delegates said:

‘Thank you very much for an excellent conference !’


VBSpam

All but three of the 16 full solutions submitted for this month's test achieved a VBSpam award, and six of them achieved a VBSpam+ award. | Read more...


VB100

The latest VB100 comparative on the evergreen Windows 7 resulted in a pleasingly high success rate with just a few products failing to make the grade for certification. | Read more...


Calendar
Date Event Location
June 01 - 05 AusCERT2015 Gold Coast, Australia
June 02 - 04 InfoSecurity Europe London, UK
June 03 BSides London London, UK
June 08 - 11 M3AAWG 34th General Meeting Dublin, Ireland
June 11 Copenhagen Cybercrime Conference 2015 Copenhagen, Denmark
June 12 - 14 CircleCityCon Indianapolis, IN, USA
Jun 13 - 20 SANSFIRE 2015 Baltimore, MD, USA
June 14 - 16 Cyber Security for Financial Services Exchange Charlotte, NC, USA
Sept 30 - Oct 2 VB2015 Prague, Czech Republic
Oct 05 - 07 VB2016 Denver, CO, USA



Twitter

virusbtn:Reuters: US tried, but ultimately failed, to use Stuxnet-like attack against North Korea's nuclear programme http://t.co/ziFKcl0VgK
Fri May 29 19:25:42


virusbtn:Threatpost says goodbye to @TheBrianDonohue by doing one final podcast with him https://t.co/yRDKrNnswb
Fri May 29 18:58:30


virusbtn:"The Internet isn't broken". Guest blog from VB Editor @martijn_grooten for @infosecurity Europe http://t.co/66jyG1NtNM
Fri May 29 17:32:43


virusbtn:Why the aviation industry needs more hackers: @spacerog says the industry shouldn't follow the lead of automakers http://t.co/oCZjUEXmmq
Fri May 29 15:25:48



Advertisement
USENIX ATC15