Top IT Security Bloggers

TrendLabs - Malware Blog
  • Cybercriminals Take Advantage Of Heartbleed With Spam

    TrendLabs - Malware Blog
    Since news about Heartbleed broke out earlier this month, the Internet has been full of updates, opinions and details about the vulnerability, with personalities ranging from security experts to celebrities talking about it. Being as opportunistic as they are, cybercriminals have taken notice of this and turned the furor surrounding Heartbleed into lure for a spam […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroCybercriminals Take Advantage Of Heartbleed With Spam
  • The Timely Tale of Tax-related Threat Troubles

    TrendLabs - Malware Blog
    Tax season in the US and Canada has always been popular among cybercriminals. After all, it’s one of the few reliable times in a year that a lot of money gets thrown around online, due to the convenience of filing (and) paying taxes over the Internet. As such, we make it a point to look […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroThe Timely Tale of Tax-related Threat Troubles
  • Cybercrime Made More Affordable – The Implications

    TrendLabs - Malware Blog
    Before the end of the month, we will release a new paper in our Cybercriminal Underground Economy Series titled Russian Underground Revisited. This is a followup to our earlier paper Russian Underground 101; both papers examined the Russian Underground and looked at the goods and services being sold inside these underground communities. While the full details will not […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroCybercrime Made More Affordable – The Implications
  • Wikipedia in Your Salad (Spam)

    TrendLabs - Malware Blog
    Spammers are constantly trying new ways to bypass filters to deliver spam. One of the more typical methods is the use of word salad spam, wherein spammed messages are filled with random words. We recently noticed a spike in salad spam that’s circulating in the wild. Aside from the sudden increase, what’s interesting about this […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroWikipedia in Your Salad (Spam)
  • News of South Korea Ferry Used for Spam Evasion

    TrendLabs - Malware Blog
    News of a maritime disaster happening on South Korea waters hit full force on April 16, 2014. MV Sewol, a South Korean vessel, capsized off of the country’s southern coast. While the world was still reeling from the horrific turn of events, cybercriminals began getting to work. Just mere hours after this event was reported […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNews of South Korea Ferry Used for Spam Evasion
  • The First Line of Defense: IT Personnel

    TrendLabs - Malware Blog
    The year so far has been a particularly stressful one for enterprise IT staff. Early in the year, concerns over data breaches and point of sale POS malware gave retailers something to worry about. The long-simmering headache of Windows XP migration came to a head when support for the venerable OS ended in April. That would […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroThe First Line of Defense: IT Personnel
  • Fake Facebook Chat Verification Used for Spam

    TrendLabs - Malware Blog
    Facebook users are once again the target of a malicious scheme—this time in the form of a notification about “Facebook Chat”. The spammed notification pretends to come from the “official Facebook Chat Team.” A notification shows users of a tagged comment to a Facebook Note containing a fake announcement about a Facebook Chat verification requirement. […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroFake Facebook Chat Verification Used for Spam
  • Trend Micro Heartbleed Detector Now Available

    TrendLabs - Malware Blog
    In previous blog entries, we’ve discussed various aspects of the Heartbleed vulnerability in OpenSSL. Last Tuesday, our first blog post covered an analysis of the vulnerability itself, as well as some steps that IT administrators of affected systems could do in order to protect themselves. Later entries looked at how popular websites and mobile apps were, […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroTrend Micro Heartbleed Detector Now Available
  • Old Java RAT Updates, Includes Litecoin Plugin

    TrendLabs - Malware Blog
    Out with the old, in with the new? When it comes to cybercrime, that’s rarely the case. We often seen old malware get upgrades with new techniques, payloads, and even targets. This is certainly the case for an old Java remote access Trojan (RAT) detected as JAVA_OZNEB.B. Users may encounter this threat as an attachment […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroOld Java RAT Updates, Includes Litecoin Plugin
  • Bundled OpenSSL Library Also Makes Apps and Android 4.1.1 Vulnerable to Heartbleed

    TrendLabs - Malware Blog
    In an earlier blog post, we mentioned that mobile apps are also affected by the Heartbleed vulnerability. This is because mobile apps may connect to servers affected by the bug. However, it appears that mobile apps themselves could be vulnerable because of a bundled OpenSSL library. OpenSSL Library Present in Android 4.1.1 and Certain Mobile […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroBundled OpenSSL Library Also Makes Apps and Android 4.1.1 Vulnerable to Heartbleed
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Security and Data Protection

Protect your computers and data.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.