Virus Bulletin

(get it in RSS or Atom)

How to measure the biggest and most dangerous threats

by John Hawes on May 16, 2013 | Leave a comment

measuring the biggest and most dangerous threats

Just about every security company publishes some sort of prevalence data - those little bar charts and top tens showing the most important and widespread threats. The raw data behind these easy-to-consume representations can be very useful to security experts and testers.

How to rate a comparative anti-virus test - a six-step guide

by John Hawes on April 30, 2013 | 3 Comments

It sometimes seems like anyone with a computer feels qualified to do comparative anti-virus testing. There are a lot of pitfalls to look out for, which often trip up unwary would-be testers and regularly lead to wonky data and odd conclusions. So how do you know which tests are any good?

How do you know if an anti-virus test is any good?

by John Hawes on April 19, 2013 | 8 Comments

The truth behind antivirus comparative tests: valuable or useless?

Anti-virus tests are a bit of a minefield. Why are they all different? How do you know who to believe? What makes one test better than another, or are they all equally brilliant/useless/biased/random? John Hawes takes a look.

Monday review - the hot 21 stories of the week

by Anna Brading on April 15, 2013 | Leave a comment

In case you missed anything, here's everything we wrote in the past seven days.

When is a password not a password? When Excel sees "VelvetSweatshop" [VIDEO]

by Paul Baccas on April 11, 2013 | 7 Comments

Malware researcher Paul Baccas reveals how an Excel spreadsheet using the password "VelvetSweatshop" could be designed to put your computer at risk.

SophosLabs wins coveted Swiss prize

by Chester Wisniewski on November 24, 2012 | 2 Comments

The Swiss are known for their prestigious and generous gifts to those who achieve what others can only imagine. SophosLabs managed to impress the committee and earn one of these coveted prizes recently.

Sophos awarded VB100 in Windows Server 2003 R2 comparative anti-virus test

by Carole Theriault on November 12, 2012 | 3 Comments

Sophos awarded VB100 in comparative test by Virus Bulletin of 36 different anti-virus products.

Monday review: the hot 26 stories of the week

by Anna Brading on October 1, 2012 | Leave a comment

Here's a list of all the stories we've written in the last week, in case you missed any (or if you just want to read them again).

"Google and Microsoft can't outbid the US govt - they will never win a bidding war with the NSA"

by Graham Cluley on September 27, 2012 | 6 Comments

Christopher Soghoian gave the keynote presentation at the VB2012 conference in Dallas, exploring the growing industry in selling details of exploitable vulnerabilities to the highest bidder.

Free speech or weapons in need of regulation?

SSCC 75 - VB 2011, Apple updates, Microsoft Patch Tuesday and German R2D2 Trojan

by Chester Wisniewski on October 16, 2011 | Leave a comment

John Shier joined Chet this week as they discussed the death of UNIX and C co-creator Dennis Ritchie, the Virus Bulletin 2011 conference, Apple's release of iOS 5 and OS X 10.7.2, Microsoft Patch Tuesday, and the German R2D2 Trojan.

Following the tracks: understanding snowshoe spam

by Chester Wisniewski on October 6, 2011 | Leave a comment

Brett Cove from SophosLabs Vancouver presented a paper at Virus Bulletin 2011 today explaining the oft forgotten spamming technique known as snowshoe spam.

Strategies for monitoring fake anti-virus distribution networks

by Chester Wisniewski on October 5, 2011 | 3 Comments

At the Virus Bulletin 2011 conference in Barcelona, Spain, Sophos's Onur Komili presented research into identifying distribution networks used to spread fake anti-virus software.

Brazil's cybercrime evolution - it doesn't look pretty

by Carole Theriault on October 5, 2011 | 1 Comment

Brazil is a cybercrime hotspot - with hundreds of millions of dollars stolen every year.

What is stopping the authorities from catching those responsible, and should anti-virus companies do more to fight the bad guys rather than just the bad files?