virus bulletin

The Virus Bulletin Conference 2020 VBLocalhost is live and my video presentation is there

Here is the conference link: You need to register first (free).   Here is my paper: One year later: challenges for young anti-malware products today I have to say that the VB team did a good job with the editing 🙂   I think I was too nice with Defender :))) What do you think ?   Here are some , more or less. funny facts about the session filmed: I did the recording in a one day, just before leaving on vacation. I needed more than 8 hours to do it I filmed myself 10 times, 8 of them from start to end a few times I made mistakes a few times my children made some noises once came the post once the cat started to meow so loud in front of my office door, that I had to stop The 8th attempt was the one you see there and it was taken in two parts.

My presentation “Challenges for young anti-malware products today” accepted at the Virus Bulletin 2019 Conference in London

I am happy to inform everybody that my presentation “Challenges for young anti-malware products today” was accepted at the Virus Bulletin 2019 Conference in London. This is the abstract: “There are two categories of anti-malware vendors: Established anti-malware vendors, who are preoccupied with getting the best scores in detection tests and capturing more market share. Emerging anti-malware vendors, who are trying to understand what they need to do in order to enter the market. This paper is about the second category of companies: those who are trying to enter the market either because they have identified a small market segment which they think they can serve, or simply because they’ve heard they can make some easy money. None of these emergent companies actually know what it takes to make a ‘real’ anti-virus product. They try to enter the market by creating some software that detects malware using a third-party scanning engine and soon realize that things are much more complicated than estimated: they face a multitude of problems they don’t understand and realize that there are more who want to see them fail than who are able and willing to help them. In this paper I will discuss some of…

No Image

“Ze Foreign Accent” spam is back

Twelve years ago the IT security world was fighting against an unprecedented amount of spam emails. Spam is not and never was just a nuisance; it is a big problem because it slows down the good emails and takes up resources. Together with Virus Bulletin and some antispam researchers from various companies, a list called “The Spammer Compendium” was created.  This list contains methods used by spammers to trick spam filters and to have their emails delivered to the end users. One of the methods listed there is called “Ze Foreign Accent” spam or(BWO!Accent!Plain). The main characteristic of this method is the usage of special characters called “accents”. They make no sense in English, but they exist in other languages like French, German, Romanian, and others. We haven’t seen this kind of spam in the wild for many years now because it was very easy to detect (due to the heavy usage of special characters). So you can imagine our surprise to see this technique pop up again in a spam message. What makes “Ze Foreign Accent” spam so special? This spam is special because it combines various methods described in “The Spammer Compendium”: Whiter Shade of Pale – TA!Pale!HTML and  Invisible Ink…

No Image Cyber insurance, is it for you?

This article was published first in Virus Bulletin. Sorin Mustaca looks at how companies trading online can insure the risks they run. Throughout its 25 year history, Virus Bulletin has regularly published technical analyses of the latest threats and defensive methods, and will continue to do so (with the material now available free of charge). We will also continue to post thought-provoking opinions from security experts, to encourage debate and discussion. Today, we publish a guest blog by Sorin Mustaca. Sorin is well known to many in the industry and has regularly written for VB. In this post, he looks at the topic of cyber insurance. Introduction If you own a car, you probably have car insurance, and if you own a house, you will have several kinds of insurance against almost any kind of damage that can affect your property – insurance against theft of items in your property, insurance against damage by flood, fire or accidental damage, and so on. Meanwhile, in various professions it is mandatory to have specialized insurance cover to protect customers against damage through negligence or failure to provide the appropriate level of service. But what about a company’s digital assets? Or the private customer data that is stored…

No Image

Virus Bulletin International Conference 2011

  The VB2011 – the 21st Virus Bulletin International Conference took place between  5-7 October 2011 in Barcelona, Spain. The city of Barcelona is a wonderful place to be. Pity that I didn’t have enough time to see all of its wonders.   Here is the article about the Opening of the conference.   Here are the reports from the three days of the conference: Day 1 Day 2 Day 3  

No Image

Virus Bulletin Article on Anti-Botnet-Initiative

Virus Bulletin Article on Anti-Botnet-Initiative The Virus Bulletin Magazine has published an article on the anti-botnet initiative in which Avira takes part. The goal is to clean infected computers and reduce the impact of cyber criminal activities. Read the article here (.pdf, 111kb) or head over to the Virus Bulletin web site where the magazine is available as whole!

No Image

New entry in the TSC: Script in the middle

Thanks to Virus Bulletin, we have now a new entry in The Spammers’ Compendium: Script in the middle UO!Script in the Middle!JavaScript 14 October 2010 Description The email has an HTML document attached to it that contanis a for. Clicking submit will POST the user’s data to a website controlled by the crooks, which automatically and invisible redirects to a legitimate website. See also The Responsibility Transfer. The original article with all the juicy details can be found in Avira Techblog:

No Image

Older articles on Virus Bulletin’s website

The links below are located on this site section : As can be seen, until the moment of writing this post, I am the only author. Click on the links below to be redirected on the Virus Bulletin’s website. You need to register to read the articles. Don’t worry, is free of charge. Do ‘pump and dump’ spam campaigns really work? ‘Mini’ phishing Pay per click Broken link Bye bye OCR?

No Image

Writing my review of the EU Spam Symposium

I have started to write my review of the Symposium. Briefly, it was ok, but as any conference, there were also some negative aspects. If the review will not be published in Virus Bulletin, I will also publish it here. More details later. Until then, have a look at the presentations:

%d bloggers like this: