Paper: On the beat

Kevin Williams looks back at UK law enforcement successes at combating cybercrime.

In a recent Throwback Thursday article, we looked back at the sentencing of self-confessed virus writer Christopher Pile almost 20 years ago. Pile was the first person in the UK to be given a custodial sentence for writing and distributing computer viruses.

He was, of course, not the last. Today, we publish an article by Kevin Williams of TC-UK, who looks back at a number of successes of the UK's Police Central eCrime Unit (PCeU), which he helped set up in 2008. The PCeU's investigations led to the arrest of several individuals involved in computer crime and, as part of international operations involving security firms and foreign law enforcement agencies, the takedown of a number of botnets.


Throwback Thursday: Research and Other Hobbies

This Throwback Thursday we reflect on the life of one of industry's greats, who sadly passed away this week: Prof. Klaus Brunnstein.

Professor Klaus Brunnstein was one of the biggest names in anti-virus resarch, a pioneer in the field, and a man whose career was never short of either controversy or success. We were greatly saddened to learn of his death yesterday, and in honour of a man who contributed so much to the industry, we decided to take another look at an interview with Prof. Brunnstein — in April 1996, VB spoke to him about his background, his career, his views and his home life.


Weak keys and prime reuse make Diffie-Hellman implementations vulnerable

'Logjam' attack possibly used by the NSA to decrypt VPN traffic.

A group of researchers have discovered a number of vulnerabilities in the way the Diffie-Hellman key exchange protocol is deployed and have demonstrated an attack (dubbed 'Logjam') that exploits these vulnerabilities.

Diffie-Hellman is used by two entities (typically referred to as Alice and Bob) to agree on a secret key over a public channel. This key can then be used to encrypt and decrypt data using a much faster symmetric key algorithm, such as AES, 3DES or the now obsolete RC4. The protocol is widely used, for instance in SSL/TLS.


Virus Bulletin announces student tickets for VB2015

87% discount for students and the option to give a lightning talk.

A few weeks ago, we opened registration for VB2015, which will take place in Prague from 30 September to 2 October.

Today, we are pleased to announce a generous offer for students: those in full-time education can attend the 25th Virus Bulletin Conference for just $250 (+21% Czech VAT). That's a discount of almost 87%!


VB Conference

VB2015 Prague, 30 Sept - 2 Oct 2015: Covering the global threat landscape The VB conference is a major highlight of the security calendar, with many of its regular attendees citing it as the IT security event of the year. The 25th Virus Bulletin International Conference (VB2015) takes place 30 September to 2 October 2015 at the Clarion Congress Hotel, Prague, Czech Republic.

Previous VB conference delegates said:

‘In terms of networking, this conference has been superb.’


All but three of the 16 full solutions submitted for this month's test achieved a VBSpam award, and six of them achieved a VBSpam+ award. | Read more...


The latest VB100 comparative on the evergreen Windows 7 resulted in a pleasingly high success rate with just a few products failing to make the grade for certification. | Read more...

Date Event Location
May 26 - 29 eCrime 2015 Barcelona, Spain
May 28 - 29 Hack in the Box Amsterdam, the Netherlands
June 01 - 05 AusCERT2015 Gold Coast, Australia
June 02 - 04 InfoSecurity Europe London, UK
June 03 BSides London London, UK
June 08 - 11 M3AAWG 34th General Meeting Dublin, Ireland
June 11 Copenhagen Cybercrime Conference 2015 Copenhagen, Denmark
June 12 - 14 CircleCityCon Indianapolis, IN, USA
Sept 30 - Oct 2 VB2015 Prague, Czech Republic
Oct 05 - 07 VB2016 Denver, CO, USA


virusbtn:Paper: On the beat. In which @teamcymru's Kevin Williams looks at UK LE successes in the fight against cybercrime
Fri May 22 11:54:17

virusbtn:Storm DDoS kit uses a few strong servers rather than many infected end-point machines to perform its attacks
Thu May 21 16:24:33

virusbtn:Trend Micro researcher @dsancho66 finishes his three-part series on the use of steganography in malware
Thu May 21 15:57:46

virusbtn:ZScaler's John Mancuso analyses the infectoin cycle of the RIG exploit kit
Thu May 21 15:27:25

Jobs Career Sidebar