Top IT Security Bloggers

TrendLabs - Malware Blog
  • “Salad Words” Spam Run Exploits Unlikely Resources

    TrendLabs - Malware Blog
    We recently reported about a large spike of commercial spam that employed micro-sized salad words or random gibberish words found in the email body to bypass spam filters. The content of these messages varied from hair loss cures to car sales to retailer coupons. Most of the samples contained links to websites they themselves advertise. […]Post from: Trendlabs Security Intelligence Blog - by Trend Micro“Salad Words” Spam Run Exploits Unlikely Resources
  • New BlackPOS Malware Emerges in the Wild, Targets Retail Accounts

    TrendLabs - Malware Blog
    We recently spotted a brand new BlackPOS (point-of-sale) malware detected by Trend Micro as TSPY_MEMLOG.A.  In 2012, the source code of BlackPOS was leaked, enabling other cybercriminals and attackers to enhance its code.  What’s interesting about TSPY_MEMLOG.A is it disguises itself as an installed service of known AV vendor software to avoid being detected and consequently, […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNew BlackPOS Malware Emerges in the Wild, Targets Retail Accounts
  • BIFROSE Now More Evasive Through Tor, Used for Targeted Attack

    TrendLabs - Malware Blog
    We recently investigated a targeted attack against a device manufacturer, and in our analysis, we found that the malware deployed into the target network is a variant of a well-known backdoor, BIFROSE. BIFROSE has been around for many years now, highly available in the cybercriminal underground, and has been used for various cybercriminal activities. One […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroBIFROSE Now More Evasive Through Tor, Used for Targeted Attack
  • Cybercriminals Leverage Rumored Windows 9 Developer Preview Release With Social Engineering

    TrendLabs - Malware Blog
    We’re seeing schemes that are taking advantage of the buzz around the upcoming developer preview release of Windows™ 9 this September. One of the threats we saw was found using some combinations of keywords like Windows 9, free, leak and download in popular search engines. It involves a potentially malicious website that offers what appears to be a free download of the yet-to-be-released Windows […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroCybercriminals Leverage Rumored Windows 9 Developer Preview Release With Social Engineering
  • Mobile Security Roundup 1H 2014

    TrendLabs - Malware Blog
    The first half of this year has been quite eventful for the mobile threat landscape. Sure, we had an idea the state of affairs from 2013 would continue on to this year, but we didn’t know just to what extent. From ballooning mobile malware/high risk app numbers to vulnerabilities upon vulnerabilities, let’s recap just what […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroMobile Security Roundup 1H 2014
  • Netis Routers Leave Wide Open Backdoor

    TrendLabs - Malware Blog
    Routers manufactured by Netcore, a popular brand for networking equipment in China, have a wide-open backdoor that can be fairly easily exploited by attackers. These products are also sold under the Netis brand name outside of China. This backdoor allows cybercriminals to easily run arbitrary code on these routers, rendering it vulnerable as a security device. What […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNetis Routers Leave Wide Open Backdoor
  • Website Add-on Targets Japanese Users, Leads To Exploit Kit

    TrendLabs - Malware Blog
    In the past few weeks, an exploit kit known as FlashPack has been hitting users in Japan. In order to affect users, this particular exploit kit does not rely on spammed messages or compromised websites: instead, it uses a compromised website add-on. This particular add-on is used by site owners who want to add social media […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroWebsite Add-on Targets Japanese Users, Leads To Exploit Kit
  • Vulnerability in In-App Payment SDKs May Lead to Phishing

    TrendLabs - Malware Blog
    Vulnerabilities in apps are always a cause for concern, especially when said apps handle sensitive information, particularly financial. We examined two popular in-app payment (IAP) SDKs—Google Wallet and the Chinese payment platform Alipay—and discovered that these contain a vulnerability that can be exploited for phishing attacks. The versions we analyzed were Google IAP versions 2 […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroVulnerability in In-App Payment SDKs May Lead to Phishing
  • The Administrator of Things (AoT) – A Side Effect of Smartification

    TrendLabs - Malware Blog
    In an earlier article, we talked about the ongoing smartification of the home – the natural tendency of households to accumulate more intelligent devices over time. While this has its benefits, the residents of smart homes also need to invest their time and energy to maintain these devices. These requirements will only grow as more […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroThe Administrator of Things (AoT) – A Side Effect of Smartification
  • Cybercrime Exposed Part 2: When Adware Goes Bad – A Closer Look at Adware

    TrendLabs - Malware Blog
    With the ostensibly harmless nature of adware, we are constantly tricked into believing that they are nothing but online nuisances. But underneath, they are marketing-engineered software that could potentially carry malicious programs to target your browsing behavior and spy on your other online activities. What is adware and why does it exist? Upfront, adware are […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroCybercrime Exposed Part 2: When Adware Goes Bad – A Closer Look at Adware
CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Secure Virtualization of Business Applications

Run your mission-critical applications in a secure and compliant virtual datacenter, or private cloud.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.