Bulletin

The Bulletin is an indispensable source of reference for anyone concerned with the prevention, detection and removal of computer threats, including but not limited to malware and spam.

Between 1989 and 2014, VB published the monthly, subscriber-based Virus Bulletin magazine. The Bulletin is a continuation of that publication, but with more frequent releases. The Bulletin is available free of charge and requires no registration.

On a regular basis (at least once a month), the Bulletin provides:

  • Thought-provoking news and opinions from respected members of the security industry.
  • Detailed analyses of the latest threats.
  • Feature-length articles exploring new developments and techniques in the global threat landscape.
  • Updates on the latest global cybercrime strategies.
  • Comparative reviews featuring the unique VB100 and VBSpam award schemes.

Some of our recent articles:

Throwback Thursday: The Unbearable Lightness of Testing (December 1996)

Back in 1996, the memory limits of the DOS environment posed issues for anti-malware developers that we wouldn't give a second thought to today. While scanners were already "groaning" under the load of the ever-increasing number of viruses (the growth in the number of known viruses was then around 150-200 per month), the need to add complex new scan capabilities - for dealing with macro viruses - threatened to be the last straw for some. The solution for several products of the time was to supply a second executable offering macro-scanning functionality. Then-Editor of VB Ian Whalley quite rightly argued that it was unreasonable to expect people to have to run multiple programs to detect different types of virus and wondered where we would be if we had to have a product consisting of 9,500 separate executables, "one for every virus..."

VB2014 paper: Swipe away, we're watching you

Point-of-sale (PoS) malware campaigns have been hitting the headlines recently. While PoS memory-parsing malware is not a new phenomenon - earlier variants with basic functionality having been detected by AV vendors since 2008 - over the years this type of malware has evolved to include additional features such as keylogging, screen capturing, and bot and network functionalities. In their VB2014 paper, Hong Kei Chan and Liang Huang describe the backbone of PoS malware: (1) dumping the memory of running processes, (2) scanning and extracting credit card information, and (3) exfiltrating the stolen information.

A timeline of mobile botnets

With the recent explosion in smartphone usage, malware authors have increasingly focused their attention on mobile devices, leading to a steep rise in mobile malware over the past couple of years. In this paper, Ruchna Nigam focuses on mobile botnets, drawing up an inventory of types of known mobile bot variants.

Dylib hijacking on OS X

DLL hijacking is a well-known class of attack which, until now, was believed only to affect Windows. However, in this paper, Patrick Wardle shows that OS X is similarly vulnerable to dynamic library hijack attacks.

Windows 10 patching process may leave enterprises vulnerable to zero-day attacks

Microsoft recently announced its new patch roll-out strategy for the latest incarnation of the Windows operating system. Aryeh Goretsky considers how the Windows 10 patching process might affect both the enterprise and the home user.

VB2014 paper: Leaving our ZIP undone: how to abuse ZIP to deliver malware apps

Both Android and Java malware, delivered via ZIP-based packages, have reached high volumes in the wild, and continue to grow at a rapid rate. In his VB2014 paper, Gregory Panakkal explores the ZIP file format, focusing specifically on APK files as handled by the Android OS. He also explores new malformations that can be applied to APK files to break typical AV engine unarchiving, thus bypassing content scanning, while keeping the APK valid for the Android OS.


Archive issues

Browse the archives of Virus Bulletin magazine here (free of charge).

Reprints

VB offers a reprint service to companies wishing to purchase professionally printed, glossy-style copies of articles from the Bulletin or PDF excerpts from the VB100 and VBSpam comparative reviews.