virus bulletin

News September 30, 2020

The Virus Bulletin Conference 2020 VBLocalhost is live and my video presentation is there

Here is the conference link: https://vblocalhost.com/conference/ You need to register first (free). Here is my paper: One year later: challenges for young anti-malware products today I have to say that the VB team did a good job with the editing 🙂 I think I was too nice with Defender :))) What do you think ? Here are some , more or less. funny facts about the session filmed: I did the recording in a one day, just before leaving on vacation. I needed more than 8 hours to do it I filmed myself 10 times, 8 of them from start to end a few times I made mistakes a few times my children made some noises once came the post once the cat started to meow so loud in front of my office door, that I had to stop The 8th attempt was the one you see there and it was taken in two parts.

antivirus, News September 6, 2019

My presentation “Challenges for young anti-malware products today” accepted at the Virus Bulletin 2019 Conference in London

I am happy to inform everybody that my presentation “Challenges for young anti-malware products today” was accepted at the Virus Bulletin 2019 Conference in London. This is the abstract: “There are two categories of anti-malware vendors: Established anti-malware vendors, who are preoccupied with getting the best scores in detection tests and capturing more market share. Emerging anti-malware vendors, who are trying to understand what they need to do in order to enter the market. This paper is about the second category of companies: those who are trying to enter the market either because they have identified a small market segment which they think they can serve, or simply because they’ve heard they can make some easy money. None of these emergent companies actually know what it takes to make a ‘real’ anti-virus product. They try to enter the market by creating some software that detects malware using a third-party scanning engine and soon realize that things are much more complicated than estimated: they face a multitude of problems they don’t understand and realize that there are more who want to see them fail than who are able and willing to help them. In this paper I will discuss some of…

published-external, Spam & Phishing March 13, 2015

“Ze Foreign Accent” spam is back

Twelve years ago the IT security world was fighting against an unprecedented amount of spam emails. Spam is not and never was just a nuisance; it is a big problem because it slows down the good emails and takes up resources. Together with Virus Bulletin and some antispam researchers from various companies, a list called “The Spammer Compendium” was created. This list contains methods used by spammers to trick spam filters and to have their emails delivered to the end users. One of the methods listed there is called “Ze Foreign Accent” spam or(BWO!Accent!Plain). The main characteristic of this method is the usage of special characters called “accents”. They make no sense in English, but they exist in other languages like French, German, Romanian, and others. We haven’t seen this kind of spam in the wild for many years now because it was very easy to detect (due to the heavy usage of special characters). So you can imagine our surprise to see this technique pop up again in a spam message. What makes “Ze Foreign Accent” spam so special? This spam is special because it combines various methods described in “The Spammer Compendium”: Whiter Shade of Pale – TA!Pale!HTML and Invisible Ink…

Uncategorized August 14, 2014

VirusBulletin.com: Cyber insurance, is it for you?

This article was published first in Virus Bulletin. Sorin Mustaca looks at how companies trading online can insure the risks they run. Throughout its 25 year history, Virus Bulletin has regularly published technical analyses of the latest threats and defensive methods, and will continue to do so (with the material now available free of charge). We will also continue to post thought-provoking opinions from security experts, to encourage debate and discussion. Today, we publish a guest blog by Sorin Mustaca. Sorin is well known to many in the industry and has regularly written for VB. In this post, he looks at the topic of cyber insurance. Introduction If you own a car, you probably have car insurance, and if you own a house, you will have several kinds of insurance against almost any kind of damage that can affect your property – insurance against theft of items in your property, insurance against damage by flood, fire or accidental damage, and so on. Meanwhile, in various professions it is mandatory to have specialized insurance cover to protect customers against damage through negligence or failure to provide the appropriate level of service. But what about a company’s digital assets? Or the private customer data that is stored…

News October 8, 2011

Virus Bulletin International Conference 2011

The VB2011 – the 21st Virus Bulletin International Conference took place between 5-7 October 2011 in Barcelona, Spain. The city of Barcelona is a wonderful place to be. Pity that I didn’t have enough time to see all of its wonders. Here is the article about the Opening of the conference. Here are the reports from the three days of the conference: Day 1 Day 2 Day 3

News, Spam & Phishing November 17, 2010

Virus Bulletin Article on Anti-Botnet-Initiative

Virus Bulletin Article on Anti-Botnet-Initiative The Virus Bulletin Magazine has published an article on the anti-botnet initiative in which Avira takes part. The goal is to clean infected computers and reduce the impact of cyber criminal activities. Read the article here (.pdf, 111kb) or head over to the Virus Bulletin web site where the magazine is available as whole!

News October 16, 2010

New entry in the TSC: Script in the middle

Thanks to Virus Bulletin, we have now a new entry in The Spammers’ Compendium: Script in the middle UO!Script in the Middle!JavaScript 14 October 2010 Description The email has an HTML document attached to it that contanis a for. Clicking submit will POST the user’s data to a website controlled by the crooks, which automatically and invisible redirects to a legitimate website. See also The Responsibility Transfer. The original article with all the juicy details can be found in Avira Techblog: http://techblog.avira.com/2010/09/08/phishing-getting-verified/en/

antivirus, General, Spam & Phishing May 28, 2007

Older articles on Virus Bulletin’s website

The links below are located on this site section : http://www.virusbtn.com/resources/phishing/index As can be seen, until the moment of writing this post, I am the only author. Click on the links below to be redirected on the Virus Bulletin’s website. You need to register to read the articles. Don’t worry, is free of charge. Do ‘pump and dump’ spam campaigns really work? ‘Mini’ phishing Pay per click Broken link Bye bye OCR?

General May 28, 2007

New article on Virusbtn.com: The return of the animated spam

Click here to be redirected on the Virus Bulletin’s website. You need to register to read the articles. Don’t worry, is free of charge. http://www.virusbtn.com/resources/phishing/animated-spam.xml

Spam & Phishing June 20, 2006

Writing my review of the EU Spam Symposium

I have started to write my review of the Symposium. Briefly, it was ok, but as any conference, there were also some negative aspects. If the review will not be published in Virus Bulletin, I will also publish it here. More details later. Until then, have a look at the presentations: http://www.spamsymposium.eu/archivewebcast.htm