Top IT Security Bloggers

TrendLabs - Malware Blog
  • The Healthcare Underground: Electronic Health Records for Sale

    In 2016, 91 percent of the U.S. population had health insurance coverage, which means that at any given time, any person could be affected in the event of a healthcare data breach. How it affects individuals may differ from case to case, but its impact on affected people and healthcare institutions is far from mild. In our latest research paper titled Cybercrime and other Threats faced by Healthcare industry, we look at the other side of a healthcare data breach and trace back what happens to electronic health records (EHR) after they are stolen.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
  • RAMNIT: The Comeback Story of 2016

    Earlier this year, Action Fraud, the UK’s fraud and cybercrime reporting center, issued a warning that cyber criminals were taking advantage of generous individuals by sending phishing emails purportedly from Migrant Helpline, a charity organization dedicated to assisting migrants across the country. These emails contain a link that is supposed to lead to a donations page. However, instead of landing on a legitimate website, the user unwittingly downloads one of the most tenacious pieces of malware in the wild: the veteran Trojan known as RAMNIT, which staged a comeback in 2016.
  • What’s In Shodan? Analyzing Exposed Cyber Assets in the United States

    Thanks to the Internet of Things (IoT), the world is now much more connected. While IoT brings about many benefits and has made life easier for us, there are some important questions we still have to ask: is IoT also making the world a little less secure? More importantly, is IoT making us vulnerable to attackers?
  • CERBER Changes Course, Triple Checks for Security Software

    CERBER is a ransomware family that has seen its share of unusual features since its appearance early last year. From its use of audio warnings, to the targeting of cloud platforms and databases, to distribution via malvertising, emailed scripting files, and exploit kits, CERBER has always been willing to keep up with the times, as it were. One reason for its apparent popularity may be the fact that it is sold in the Russian underground, giving a wide variety of cybercriminals access to it.
    However, we've started seeing CERBER variants (which we detect as RANSOM_CERBER.F117AK) add a new wrinkle to their behavior: they have gone out of their way to avoid encrypting security software. How did they do this?
  • Tracking the Decline of Top Exploit Kits

    The latter half of 2016 saw a major shift in the exploit kit landscape, with many established kits suddenly dropping operations or switching business models. Angler, which has dominated the market since 2015, suddenly went silent. We tracked 3.4 million separate Angler attacks on our clients in the first quarter of 2016, and the rate...
  • Unix: A Game Changer in the Ransomware Landscape?

    2016 was the year when ransomware reigned. Bad guys further weaponized extortion into malware, turning enterprises and end users into their cash cows by taking their crown jewels hostage. With 146 families discovered last year compared to 29 in 2015, ransomware’s rapid expansion and development are projected to spur cybercriminals into diversifying and expanding their platforms, capabilities, and techniques in order to accrue more targets.
    Indeed, we’ve already seen them testing new waters by tapping the mobile user base, and more recently developing ransomware for other operating systems (OS), then peddling it underground to affiliates and budding cybercriminals. Linux.Encoder (detected by Trend Micro as ELF_CRYPTOR family) was reportedly the first for Linux systems; it targeted Linux web hosting systems through vulnerabilities in web-based plug-ins or software such as Magento’s. In Mac OS X systems, it was KeRanger (OSX_KERANGER)—found in tampered file-sharing applications and malicious Mach-O files disguised as Rich Text Format (RTF) documents. Their common denominator? Unix.
  • Mirai Widens Distribution with New Trojan that Scans More Ports

    Late last year, in several high-profile and potent DDoS attacks, Linux-targeting Mirai (identified by Trend Micro as ELF_MIRAI family) revealed just how broken the Internet of Things ecosystem is. The malware is now making headlines again, thanks to a new Windows Trojan that drastically increases its distribution capabilities.
  • Brute Force RDP Attacks Plant CRYSIS Ransomware

    In September 2016, we noticed that operators of the updated CRYSIS ransomware family (detected as RANSOM_CRYSIS) were targeting Australia and New Zealand businesses via remote desktop (RDP) brute force attacks. Since then, brute force RDP attacks have continued, with both SMEs and large enterprises across the globe affected. In fact, the volume of these attacks doubled in January 2017 from a comparable period in late 2016. While a wide variety of sectors have been affected, the most consistent target has been the healthcare sector in the United States.
  • Lurk: Retracing the Group’s Five-Year Campaign

    Fileless infections are exactly what their name says: they're infections that don't involve malicious files being downloaded or written to the system’s disk. While fileless infections are not necessarily new or rare, they present a serious threat to enterprises and end users given their capability to gain privileges and persist in the system of interest to an attacker—all while staying under the radar. For instance, fileless infections have been incorporated in a targeted bot delivery and leveraged to deliver ransomware, infect point-of-sale (PoS) systems, and perpetrate click fraud. The key point of the fileless infection for the attacker is to be able to evaluate each compromised system and decide whether the infection process should continue or vanish without a trace.
    The cybercriminal group Lurk was one of the first to effectively employ fileless infection techniques in large-scale attacks—techniques that arguably became staples for other malefactors.
  • Routers Under Attack: Current Security Flaws and How to Fix Them

    How is it possible for users to lose hundreds of dollars in anomalous online bank transfers when all of their gadgets have security software installed?
