TrendLabs - Malware BlogLast week, we talked about the OBAD Android malware, which installed itself as an administrator on the device and used a vulnerability in Android to hide this fact from the user. One effect of this particular behavior was to make removal of this threat very difficult. Apps that have set themselves up as administrators require [...]
TrendLabs - Malware BlogAbout two weeks ago, Oracle published a blog post describing – and promising – to improve the security of Java. Since then, I’ve been asked a few times: what exactly did they say, and what does it mean for end users? First, Oracle talked about how they’re now handling security patches. They pointed out how [...]
TrendLabs - Malware BlogAt the end of May, two Google security engineers announced Mountain View’s new policy regarding zero-day bugs and disclosure. They strongly suggested that information about zero-day exploits currently in the wild should be released no more than seven days after the vendor has been notified. Ideally, the notification or patch should come from the vendor, [...]
TrendLabs - Malware BlogOnline banking threats have been prevalent for many years, but recently they seem to be determined to expand beyond their usual targets. In the past few weeks and months, we’ve seen various attacks target Korean banks using various techniques. The latest attack we’ve found uses a Trojan that redirects users of various Korean banks to [...]
TrendLabs - Malware BlogWe have been seeing apps that exploit vulnerabilities in Android, with most of them attempting to gain higher privileges on user devices. In recent days, a stronger and a far more advanced Android malware named ANDROIDOS_OBAD has come into play. What seems to be a product from the same malware authors behind ANDROIDOS_JIFAKE, ANDROIDOS_OBAD is [...]
TrendLabs - Malware BlogLast month, the hacker collective Anonymous announced their intention to launch cyber attacks against the petroleum industry (under the code name #OpPetrol) that is expected to last up to June 20. Their claimed reason for this attack is primarily due to petroleum being sold with the US dollar instead of currency of the country where [...]
TrendLabs - Malware BlogEarlier in February we blogged about RARSTONE, a Remote Access Tool (RAT) that we discovered having some similar characteristics to PlugX, an older and more well-known RAT. In April, the same malware family used the Boston Marathon bombing as part of its social engineering bait. Since then, we’ve been looking out for further attacks using RARSTONE. We’ve [...]
TrendLabs - Malware BlogThe past few weeks have seen some very high-profile sites adopt two-factor authentication in one form or another. First was Twitter, followed soon by Evernote and Linkedin. For users of these sites, these represent a welcome improvement to their security. In the event that their password is (somehow) compromised, an attacker faces another barrier before [...]
TrendLabs - Malware BlogMicrosoft releases five security bulletins for June 2013, which is relatively light compared to previous ones. Despite this, users must update their systems immediately, to avoid possible web threats leveraging software vulnerabilities. This roster of security fixes include updates for vulnerabilities found in Windows and Internet Explorer, which were rated Critical. This means that IT [...]
TrendLabs - Malware BlogIn our monitoring of the GAMARUE malware family, we found a variant that used the online code repository SourceForge to host malicious files. This finding is the latest development we’ve seen since the increase in infection counts observed last month. SourceForge is a leading code repository for many open-source projects, which gives developers a free [...]
Sign up now »
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.