You are your own threat model

For most people, the biggest security threat is that of themselves doing something they shouldn't do.

Last week, Microsoft wrote about the return of macro malware where, now that macros have long been disabled by default, social engineering is used to trick the user into enabling them.

Although it was interesting to read Microsoft's perspective, this isn't news. Last year, we published a paper by Sophos researcher Gabor Szappanos on the resurgence of malicious VBA macros. Since then, macro malware has become even more prevalent; recently, it was used to download Bartalex, Dridex and Dyre onto victims' machines.


Report: six anti-virus solutions pass annual Linux test

Clean sweep of passes in VB100 test on Red Hat Enterprise Linux.

2015 will yet again not be the 'Year of the Linux Desktop', yet behind the scenes' Linux plays an important role in many organisations by running the servers on which files are stored centrally. Such servers could easily become centres of malware infection; hence a number of companies offer anti-malware solutions that aim to protect them.

In VB's annual VB100 test on Linux, John Hawes and his team tested six of these solutions — Avast, AVG, Bitdefender, eScan, ESET and Kaspersky — all of which achieved a VB100 award.


Throwback Thursday: Regina v Christopher Pile: The Inside Story & Off with his Head!

This Throwback Thursday, we bring you not one but two (related) pieces from the archives as VB heads back to 1996 to look at events surrounding the issuing of the UK's first custodial sentence for writing and distributing computer viruses.

Over the last couple of years, the 'Throwback Thursday' trend has taken the Internet by storm, with social media users indulging in a weekly wallow in nostalgia. The VB team decided it was high time we got in on the act, using the opportunity to take a regular delve into our archives.


POODLE is the brown M&Ms of security

Just because it won't be exploited, doesn't mean you shouldn't patch it.

There is a famous story about the rock band Van Halen whose lists of requirements when performing a show included some M&Ms — but "absolutely no brown ones".

The story is true and has little to do with childish rock star behaviour. The band's technical requirements were so complicated that they were worried the concert organisers wouldn't read them all. The M&Ms requirement, stuck in the middle of the long rider, provided the band with a quick check to verify whether it had actually been read in full detail.


VB Conference

VB2015 Prague, 30 Sept - 2 Oct 2015: Covering the global threat landscape The VB conference is a major highlight of the security calendar, with many of its regular attendees citing it as the IT security event of the year. The 25th Virus Bulletin International Conference (VB2015) takes place 30 September to 2 October 2015 at the Clarion Congress Hotel, Prague, Czech Republic.

Previous VB conference delegates said:

‘Organization of the conference was flawless. I really appreciate that the talks were kept strictly on time.’


All but three of the 16 full solutions submitted for this month's test achieved a VBSpam award, and six of them achieved a VBSpam+ award. | Read more...


The latest VB100 comparative on the evergreen Windows 7 resulted in a pleasingly high success rate with just a few products failing to make the grade for certification. | Read more...

Date Event Location
May 10 - 14 Third International ICS Cyber Security Forum Abu Dhabi, UAE
May 11 - 12 9th International CARO Workshop Hamburg, Germany
May 11 - 12 Global Forum on Cyber Security for Financial Sector Frankfurt, Germany
May 12 - 13 2nd Annual Kingdom Cyber Security Forum Riyadh, Saudi Arabia
May 13 - 14 Oil and Gas Cyber Security North America Houston, TX, USA
May 26 - 29 eCrime 2015 Barcelona, Spain
May 28 - 29 Hack in the Box Amsterdam, the Netherlands
June 01 - 05 AusCERT2015 Gold Coast, Australia
Sept 30 - Oct 2 VB2015 Prague, Czech Republic
Oct 05 - 07 VB2016 Denver, CO, USA


virusbtn:It's always a good idea to throw away spam. Especially if it comes from a carding forum
Tue May 05 21:24:56

virusbtn:Trend Micro researcher @dsancho66 writes about the use of steganography in malware
Tue May 05 20:57:40

virusbtn:Details on the latest version of the Andromeda botnet, by @EternalTodo
Tue May 05 20:30:24

virusbtn:From earlier today: You are your own threat model. @martijn_grooten on most users' biggest threat
Tue May 05 20:00:09

Jobs Career Sidebar