Virus Bulletin

(get it in RSS or Atom)

Live from the Virus Bulletin conference 2015 [Chet Chat Podcast 216.5]

Find out what the world's threat protection experts talk about when you cloister them in a Prague hotel for three days!

Selfies, sharks...and yet another lock screen bug [Chet Chat Podcast 216]

Just when you thought it was safe to go back in the water...

Enjoy the latest episode of our weekly podcast!

SSCC 166.5 - Special edition from the Virus Bulletin 2014 conference [PODCAST]

Sophos security expert Chester Wisniewski was at the Virus Bulletin 2014 conference in Seattle.

In this special edition of the Chet Chat, Paul Ducklin puts Chet on the other side of the mic to find out more about both the technology and the ethics of anti-malware research.

Duping the machine - the cunning malware that throws off researchers

Malware. Image courtesy of Shutterstock

Traditionally, when malware detects that it is not running in a genuine victim setting, it will simply exit immediately. But there's a certain subset of malware families that are more cunning when they detect an analysis environment...

SSCC 119 - Happy 10th, Patch Tuesday - Adobe "goes open source" - Dread Pirate Roberts [PODCAST]


A wild ride this week, with Patch Tuesday turning 10, Adobe "going open source" by losing 40GB of code, and Silk Road operator Dread Pirate Roberts getting locked in the brig.

Chet and Duck turn their amusing but insightful attention to the latest security stories...

SophosLabs prepares for great showing at Virus Bulletin 2013

Who is SophosLabs

Sophos has a larger than normal presense this week at the Virus Bulletin Conference in Berlin, Germany. Research presented includes bot nets, rootkits, Android and even techniques we can use to better protect others.

Advertising in mobile apps - how much is too much?


At this week's Virus Bulletin conference in Berlin, two SophosLabs researchers will present a paper on ads and adware in the mobile ecosystem.

We'd love to put *your* questions and comments to them from the conference floor - so here's your chance to have your say...

How to measure the biggest and most dangerous threats

measuring the biggest and most dangerous threats

Just about every security company publishes some sort of prevalence data - those little bar charts and top tens showing the most important and widespread threats. The raw data behind these easy-to-consume representations can be very useful to security experts and testers.

How to rate a comparative anti-virus test - a six-step guide

How to rate a comparative anti-virus test - a 6-step guide

It sometimes seems like anyone with a computer feels qualified to do comparative anti-virus testing. There are a lot of pitfalls to look out for, which often trip up unwary would-be testers and regularly lead to wonky data and odd conclusions. So how do you know which tests are any good?

How do you know if an anti-virus test is any good?

The truth behind antivirus comparative tests: valuable or useless?

Anti-virus tests are a bit of a minefield. Why are they all different? How do you know who to believe? What makes one test better than another, or are they all equally brilliant/useless/biased/random? John Hawes takes a look.

Monday review - the hot 21 stories of the week

Monday review

In case you missed anything, here's everything we wrote in the past seven days.

When is a password not a password? When Excel sees "VelvetSweatshop" [VIDEO]

When is a password not a password? When Excel sees VelvetSweatshop

Malware researcher Paul Baccas reveals how an Excel spreadsheet using the password "VelvetSweatshop" could be designed to put your computer at risk.

SophosLabs wins coveted Swiss prize

SophosLabs wins coveted Swiss prize

The Swiss are known for their prestigious and generous gifts to those who achieve what others can only imagine. SophosLabs managed to impress the committee and earn one of these coveted prizes recently.

Sophos awarded VB100 in Windows Server 2003 R2 comparative anti-virus test


Sophos awarded VB100 in comparative test by Virus Bulletin of 36 different anti-virus products.

Monday review: the hot 26 stories of the week

Monday review: the hot 26 stories of the week

Here's a list of all the stories we've written in the last week, in case you missed any (or if you just want to read them again).

"Google and Microsoft can't outbid the US govt - they will never win a bidding war with the NSA"

"Google and Microsoft can't outbid the US govt - they will never win a bidding war with the NSA"

Christopher Soghoian gave the keynote presentation at the VB2012 conference in Dallas, exploring the growing industry in selling details of exploitable vulnerabilities to the highest bidder.

Free speech or weapons in need of regulation?

SSCC 75 - VB 2011, Apple updates, Microsoft Patch Tuesday and German R2D2 Trojan

Sophos Security Chet Chat

John Shier joined Chet this week as they discussed the death of UNIX and C co-creator Dennis Ritchie, the Virus Bulletin 2011 conference, Apple's release of iOS 5 and OS X 10.7.2, Microsoft Patch Tuesday, and the German R2D2 Trojan.

Following the tracks: understanding snowshoe spam


Brett Cove from SophosLabs Vancouver presented a paper at Virus Bulletin 2011 today explaining the oft forgotten spamming technique known as snowshoe spam.

Strategies for monitoring fake anti-virus distribution networks


At the Virus Bulletin 2011 conference in Barcelona, Spain, Sophos's Onur Komili presented research into identifying distribution networks used to spread fake anti-virus software.

Brazil's cybercrime evolution - it doesn't look pretty


Brazil is a cybercrime hotspot - with hundreds of millions of dollars stolen every year.

What is stopping the authorities from catching those responsible, and should anti-virus companies do more to fight the bad guys rather than just the bad files?