Blog

Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution

The operating system has been patched, but it is unclear whether users will receive those patches.

Researchers at mobile security firm Zimperium have discovered a remote code execution flaw in the Stagefright media library used on Android phones. The vulnerability allegedly means it could, for instance, take one MMS message for an attacker to run code on a targeted device. In some cases, if the device is old, this code could even be run with elevated system privileges.

Few technical details have been made public so far, but Zimperium's Joshua J. Drake will present the research at the Black Hat and DEF CON security events next week.

Read more...


Throwback Thursday: Sizewell B: Fact or Fiction?

This Throwback Thursday, we turn the clock back to 1993, when VB asked the key question: could a virus compromise safety at one of Britain's nuclear power plants?

2010 saw the discovery of Stuxnet, which targeted industrial control systems in general, with the specific target of a particular Iranian nuclear facility — but 2010 wasn't the first time VB had reported on a virus infection at a nuclear facility.

Read more...


Call for last-minute papers for VB2015 announced

Ten speaking slots waiting to be filled with presentations on 'hot' security topics.

There's never a dull moment in the world of IT security. Whether you think the breach of spyware maker Hacking Team is the most important story of the past few months, that the breach at Ashley Madison was at least as embarrassing for those affected, or you feel that the fact that anti-virus companies were found to be targeted by a piece of sophisticated malware as well as by intelligence agencies directly is a more important story: it's been an interesting few months.

With all of this in the news, we are all the more glad that, just as in previous years, we have set aside a portion of the VB2015 conference programme for 'last-minute papers': presentations dealing with up-to-the-minute specialist topics, with the emphasis on current and emerging ('hot') topics.

Read more...


Spam levels fall below 50% for the first time in 12 years

Decline not necessarily good news for spam filters.

For the first time in 12 years, less than half of email traffic is spam, Symantec reports in the latest issue of its monthly Intelligence Report (pdf).

Spam is notoriously hard to measure, and different methodologies, definitions and spam sources can give significantly different numbers. On top of that, spam also differs greatly between recipient users and organizations. So the fact that spam has dropped to less than 50 per cent of email isn't particularly newsworthy — but the decline itself is, and suggests at least a four-fold decrease in spam volumes over the past few years.

Read more...


VB Conference

VB2015 Prague, 30 Sept - 2 Oct 2015: Covering the global threat landscape The VB conference is a major highlight of the security calendar, with many of its regular attendees citing it as the IT security event of the year. The 25th Virus Bulletin International Conference (VB2015) takes place 30 September to 2 October 2015 at the Clarion Congress Hotel, Prague, Czech Republic.

Previous VB conference delegates said:

‘The VB conference is must-see event undoubtedly. A reference event in the field, definitely.’


VBSpam

Despite a drop in the average spam catch rate of products in this month's VBSpam review, all but one of the 16 full anti-spam solutions tested achieved a VBSpam award, with four of them achieving a VBSpam+ award.. | Read more...


VB100

The latest VB100 comparative on the evergreen Windows 7 resulted in a pleasingly high success rate with just a few products failing to make the grade for certification. | Read more...


Calendar
Date Event Location
Aug 01 - 06 Black Hat USA Las Vegas, NV, USA
Aug 04 - 05 BSides Las Vegas Las Vegas, NV, USA
Aug 06 - 09 Defcon 23 Las Vegas, NV, USA
Aug 12 - 14 USENIX Security '15 Washington, DC, USA
Sept 09 - 11 44CON London London, UK
Sept 23 - 27 DerbyCon Louisville, KY, USA
Sept 30 - Oct 2 VB2015 Prague, Czech Republic
Oct 05 - 07 BruCON Ghent, Belgium
Oct 05 - 07 VB2016 Denver, CO, USA



Twitter

virusbtn:Xen issues advisory on new guest-to-host escape vulnerability http://t.co/e6Vph7lPQM
Tue Jul 28 10:03:46


virusbtn:New blog: Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution https://t.co/7Ihq4jALIW
Tue Jul 28 09:33:41


virusbtn:The Angler exploit kit is going after point-of-sale devices http://t.co/Y6JI2OnVLa
Tue Jul 28 08:59:45


virusbtn:Automattic, the company behind WordPress, expresses frustration about not being able to say more about NSLs http://t.co/e5soQ9Irg6
Tue Jul 28 08:30:25



Advertisement
Jobs Career Sidebar