This Throwback Thursday, we turn the clock back to November 2003, when spam was such a hot topic that VB decided to launch a dedicated 'VB Spam Supplement'.
While, today, spam is a problem that is generally very well mitigated, 12 years ago it was a subject of growing concern and was becoming of increasing interest to the AV industry, with a veritable stampede of AV vendors rushing to bring anti-spam solutions to market alongside their anti-virus products.
With volumes of unsolicited email growing almost by the day, there was great interest in the ways in which users were affected by it, so in November 2003, VB decided to launch the 'VB Spam Supplement', a section of Virus Bulletin magazine that would be dedicated to news and articles on spam and anti-spam techniques.
Aditya K. Sood and Rohit Bansal highlight a different side of an exploit kit.
Exploit kits are a serious plague on the Internet, made worse by the fact that the online advertisement ecosystem allows cybercriminals to run their malicious code on many websites. The kits are studied extensively by security researchers, who attempt to follow their development as the kits' authors try to make sure detection is evaded.
Today, we publish a paper by Aditya K. Sood (Elastica) and Rohit Bansal (SecNiche Security Labs), who look at another side of an exploit kit: the interface used by the malware authors who rely on exploit kits to get their malware installed on victims' machines.
This Throwback Thursday, we turn the clock back to March 2000, when DDoS attacks were a newly emerging menace.
Today, DDoS attacks are a well-known form of cyber abuse — indeed, even this week, Swiss encrypted webmail provider ProtonMail has been the target of a sustained DDoS attack.
In early 2000, however, DDoS attacks were far from common (even though the concept had been around for some time), so when, in February 2000, some of the Internet's largest websites including CNN, MSN, Yahoo and others were disrupted by DDoS attacks, the media went into overdrive with the story, describing 'cyber-attacks batter[ing] web heavyweights'.
In his VB2015 keynote address, Ross Anderson described attacks against EMV cards.
The VB2015 opening keynote by Ross Anderson could hardly have been more timely. In his talk "The Internet of Bad Things, Observed", the Cambridge professor looked at various attacks against the EMV standard for payment cards — attacks that have been used to steal real money from real people.
Such cards, often called chip-and-PIN or chip-and-signature, are generally seen as better protected against compromised point-of-sale terminals, which have been the cause of a number of prominent data breaches in North America. On 1 October 2015, the day after Ross's talk, a liability shift took place in the US and Canada, making merchants whose terminals do not support EMV liable for fraudulent transactions.