Throwback Thursday: Legal attempts to reduce spam. A UK perspective

This Throwback Thursday, we turn the clock back to November 2003, when spam was such a hot topic that VB decided to launch a dedicated 'VB Spam Supplement'.

While, today, spam is a problem that is generally very well mitigated, 12 years ago it was a subject of growing concern and was becoming of increasing interest to the AV industry, with a veritable stampede of AV vendors rushing to bring anti-spam solutions to market alongside their anti-virus products.

With volumes of unsolicited email growing almost by the day, there was great interest in the ways in which users were affected by it, so in November 2003, VB decided to launch the 'VB Spam Supplement', a section of Virus Bulletin magazine that would be dedicated to news and articles on spam and anti-spam techniques.


Paper: 3ROS exploit framework kit — one more for the infection road

Aditya K. Sood and Rohit Bansal highlight a different side of an exploit kit.

Exploit kits are a serious plague on the Internet, made worse by the fact that the online advertisement ecosystem allows cybercriminals to run their malicious code on many websites. The kits are studied extensively by security researchers, who attempt to follow their development as the kits' authors try to make sure detection is evaded.

Today, we publish a paper by Aditya K. Sood (Elastica) and Rohit Bansal (SecNiche Security Labs), who look at another side of an exploit kit: the interface used by the malware authors who rely on exploit kits to get their malware installed on victims' machines.


Throwback Thursday: What DDoS it all Mean?

This Throwback Thursday, we turn the clock back to March 2000, when DDoS attacks were a newly emerging menace.

Today, DDoS attacks are a well-known form of cyber abuse — indeed, even this week, Swiss encrypted webmail provider ProtonMail has been the target of a sustained DDoS attack.

In early 2000, however, DDoS attacks were far from common (even though the concept had been around for some time), so when, in February 2000, some of the Internet's largest websites including CNN, MSN, Yahoo and others were disrupted by DDoS attacks, the media went into overdrive with the story, describing 'cyber-attacks batter[ing] web heavyweights'.


The Internet of Bad Things, Observed

In his VB2015 keynote address, Ross Anderson described attacks against EMV cards.

The VB2015 opening keynote by Ross Anderson could hardly have been more timely. In his talk "The Internet of Bad Things, Observed", the Cambridge professor looked at various attacks against the EMV standard for payment cards — attacks that have been used to steal real money from real people.

Such cards, often called chip-and-PIN or chip-and-signature, are generally seen as better protected against compromised point-of-sale terminals, which have been the cause of a number of prominent data breaches in North America. On 1 October 2015, the day after Ross's talk, a liability shift took place in the US and Canada, making merchants whose terminals do not support EMV liable for fraudulent transactions.



For the first time since July 2014, all full solutions in this month's test achieved VBSpam certification. Moreover, an additional measure introduced this month showed that products rarely delayed the delivery of emails. | Read more...


This month VB lab team put 14 business products and 30 consumer products to the test on Windows 8.1 Pro. The VB100 pass rate was decent, although not quite up to the perfect or near-perfect fields seen in a few recent tests. | Read more...

Date Event Location
Dec 02 - 04 Botconf '15 Paris, France
Jan 15 - 17 Shmoocon Washington D.C., USA
Feb 15 - 18 M3AAWG 36th General Meeting San Francisco, CA, USA
Mar 14 - 18 TROOPERS16 Heidelberg, Germany
Mar 16 - 18 CanSecWest Vancouver, BC, Canada
June 09 Copenhagen Cybercrime Conference 2016 Copenhagen, Denmark
Oct 05 - 07 VB2016 Denver, CO, USA

VB Conference

VB2016 Denver, 5-7 Oct 2016: Covering the global threat landscape
The VB conference is a major highlight of the security calendar, with many of its regular attendees citing it as the IT security event of the year. VB2016 will take place in Denver, Colorado, USA.

Previous VB conference delegates said:

‘Very useful and enjoyable, with unparalleled networking.’


virusbtn:Using Unicode's Byte Order Mark to obfuscate spammy URLs
Wed Nov 18 11:56:23

virusbtn:The @EFF seizes control of domain claiming to be theirs which was spreading malware
Wed Nov 18 11:22:22

virusbtn:The Derusbi malware bypasses Windows driver signing. @r00tbsd explains how it does that
Wed Nov 18 10:47:42

virusbtn:A look ahead at tomorrow's #irisscon conference by @euroinfosec
Wed Nov 18 10:15:56

Jobs Recruit Sidebar