Top IT Security Bloggers

TrendLabs - Malware Blog
  • Not so Limitless after all: Trend Micro FTR Assists in the Arrest of Limitless Author

    On January 13, college student Zachary Shames pleaded guilty in a federal district court in Virginia, US, to authoring Limitless Logger, the malicious keylogger that was used to steal thousands of pieces of sensitive user information such as passwords and banking credentials. In November 2014, Trend Micro’s Forward Looking Threat Research team (FTR) published a research paper that covered Limitless and how it was used to steal information from thousands of victims. Prior to that, we passed on details that correctly identified Shames as the creator to the FBI. This blog details how we made that link, which we left out of the published research paper.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
  • Uncovering the Inner Workings of EyePyramid

    Two Italians referred to as the “Occhionero brothers” have been arrested and accused of using malware and a carefully-prepared spear-phishing scheme to spy on high-profile politicians and businessmen. This case has been called "EyePyramid", which we first discussed last week. (Conspiracy theories aside, the name came from a domain name and directory path that was found as part of the research.)
  • In Review: 2016’s Mobile Threat Landscape Brings Diversity, Scale, and Scope

    65 million: the number of times we’ve blocked mobile threats in 2016. By December 2016, the total number of unique samples of malicious Android apps we’ve collected and analyzed hit the 19.2 million mark—a huge leap from the 10.7 million samples collected in 2015.
    Indeed, the ubiquity of mobile devices among individual users and organizations, along with advances in the technologies that power them, reflects the exponential proliferation, increasing complexity and expanding capabilities of mobile threats.
    While the routines and infection chain of mobile threats are familiar territory, 2016 brought threats with increased diversity, scale, and scope to the mobile landscape. More enterprises felt the brunt of mobile malware as BYOD and company-owned devices became more commonplace, while ransomware became rampant as the mobile user base continued to become a viable target for cybercriminals. More vulnerabilities were also discovered and disclosed, enabling bad guys to broaden their attack vectors, fine-tune their malware, increase their distribution methods, and in particular, invade iOS’s walled garden.
  • Practical Android Debugging Via KGDB

    Kernel debugging gives security researchers a tool to monitor and control a device under analysis. On desktop platforms such as Windows, macOS, and Linux, this is easy to perform. However, it is more difficult to do kernel debugging on Android devices such as the Google Nexus 6P. In this post, I describe a method to perform kernel debugging on the Nexus 6P and the Google Pixel, without the need for any specialized hardware.
  • How Cyber Propaganda Influenced Politics in 2016

    Throughout history, politically motivated threat actors have been interested in changing public opinion to reach their goals. In recent years the popularity of the Internet gave these threat actors new tools. Not only do they make use of social media to spin the news, spread rumors and fake news, but they also actively hack into political organizations.
  • CTO Insights: The General Data Protection Regulation (GDPR) Is Coming, What Now?

    Based on the incidents we saw in 2016, I recommend that organizations enter 2017 with caution. From the growth of Business Email Compromise (BEC) attacks to cybercriminals using more effective ways to exploit Internet of Things (IoT) devices, these security issues should serve as a reminder for businesses and individuals to be more vigilant. One of the most pressing matters that a lot of organizations need to pay attention to, however, is the forthcoming General Data Protection Regulation (GDPR). The new set of rules is designed to harmonize data protection across all EU member states and bring in a number of key components that will directly impact businesses—even businesses outside Europe.
  • The Eye of the Storm: A Look at EyePyramid, the Malware Supposedly Used in High-Profile Hacks in Italy

    Two Italian citizens were arrested last Tuesday by Italian authorities (in cooperation with the FBI) for exfiltrating sensitive data from high-profile Italian targets. Private and public Italian citizens, including those holding key positions in the state, were the subject of an effective spear-phishing campaign that reportedly served a piece of malware, codenamed EyePyramid, as a malicious attachment. This malware has been used to successfully exfiltrate over 87 gigabytes worth of data including usernames, passwords, browsing data, and filesystem content.
  • Patch Tuesday of January 2017: Microsoft Releases Four Bulletins, One Rated Critical

    Microsoft begins its monthly set of bulletins for 2017 with relatively few bulletins released in January. Four security bulletins make up this month’s Patch Tuesday—one of which is rated Critical to address vulnerabilities seen in Adobe Flash Player while the other three are tagged as Important to patch vulnerabilities in Microsoft Office, Edge, and the Local Security Authority Subsystem Service (LSASS).
  • Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game

    In early December, GoldenEye ransomware (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, not only kept to the James Bond theme of its earlier iteration, but also its attack vector.
    Given ransomware’s likely outlook to reach a plateau, persistence in the threat landscape and diversification of target victims are the names of the game. GoldenEye exemplifies bad guys trying to gain scale, leverage, and profit with rehashed malware.
    Apart from GoldenEye, we also saw spam runs and observed a surge in detections of Cerber (RANSOM_CERBER), Petya (RANSOM_PETYA), and Locky (RANSOM_LOCKY) in Germany. The social lures of these malware may be German, but the risks and impact are the same for everyone.
  • Updated Sundown Exploit Kit Uses Steganography

    This year has seen a big shift in the exploit kit landscape, with many of the bigger players unexpectedly dropping out of action. The Nuclear exploit kit operations started dwindling in May, Angler disappeared around the same time Russia’s Federal Security Service made nearly 50 arrests last June, and then in September Neutrino reportedly went private and shifted focus to select clientele only. Now, the most prominent exploit kits in circulation are RIG and Sundown. Both gained prominence shortly after Neutrino dropped out of active circulation.