Bulletin

The Bulletin is an indispensable source of reference for anyone concerned with the prevention, detection and removal of computer threats, including but not limited to malware and spam.

Between 1989 and 2014, VB published the monthly, subscriber-based Virus Bulletin magazine. The Bulletin is a continuation of that publication, but with more frequent releases - the Bulletin is available free of charge and requires no registration.

On a regular basis (at least once a month), the Bulletin provides:

  • Thought-provoking news and opinions from respected members of the security industry.
  • Detailed analyses of the latest threats.
  • Feature-length articles exploring new developments and techniques in the global threat landscape.
  • Updates on the latest global cybercrime strategies.
  • Comparative reviews featuring the unique VB100 and VBSpam award schemes.

Some of our recent articles:

VB2014 paper: The pluginer - Caphaw

Caphaw, also known as Shylock, has been a quiet, yet persistent player on the botnet scene since 2011. It stands in great contrast to most botnet malware in that it was released with complete functionality rather than being released into the wild while still in the testing phase. The bold nature of the campaign (an easily identifiable entry point code sequence) was backed up by Caphaw’s intricately designed code structure which made it hard for analysts to create a complete profile of its malicious behaviour with various obfuscation and anti-sandbox techniques. In their VB2014 paper, Micky Pun and Neo Tan discuss the technical aspects of handling the anti-reversing strategies devised by the malware writer and evaluate how Caphaw could become a permanent fixture in the botnet scene in the future.

VB100 comparative review on Windows 7 SP1 64-bit

The latest VB100 comparative on the evergreen Windows 7 resulted in a pleasingly high success rate with just a few products failing to make the grade for certification - John Hawes has the details.

VB2014 paper: P0wned by a barcode: stealing money from offline users

Brazilian bad guys have created a unique way of stealing money from people who prefer to keep their lives entirely offline. By altering ‘boletos’ - popular payment documents issued by banks and all kind of businesses in Brazil - cybercriminals have successfully stolen vast amounts of money, even from people who don’t own credit cards or use Internet banking accounts. In his VB2014 paper, Fabio Assolini explains how these attacks have happened, and gives advice on how to protect customers even when they have chosen to live their lives offline.

VB2014 paper: We know it before you do: predicting malicious domains

From distributing malware to hosting command and control servers and traffic distribution, malicious domains are essential to the success of nearly all popular attack vectors. Much effort has been put into building reputation-based malicious domain blacklists. However, in order to evade detection and blocking by the domain reputation systems, many malicious domains are now only used for a very short period of time - a malicious domain has already served most of its purpose by the time its content is detected and the domain is blocked. In their VB2014 paper, Wei Xu, Kyle Sanders and Yanxin Zhang propose a system for predicting the domains that are most likely to be used (or are about to be used) as malicious domains.

VBSpam comparative review summary January 2015

In this short version of the January 2015 VBSpam report, Martijn Grooten provides a summary of the results of the 35th VBSpam test as well as some information on ‘the state of spam’.

VBSpam comparative review January 2015

All but three of the 16 full solutions submitted for this month's test achieved a VBSpam award, and six of them achieved a VBSpam+ award. Martijn Grooten has the details.


Archive issues

Browse the archives of Virus Bulletin magazine here (free of charge).

Reprints

VB offers a reprint service to companies wishing to purchase professionally printed glossy style copies of articles from the Bulletin or PDF excerpts from the VB100 and VBSpam comparative reviews.