Corporate Partners

Top IT Security Bloggers

TrendLabs - Malware Blog
  • Trend Micro Discovers Apache Vulnerability that Allows One-Click Modification of Android Apps

    TrendLabs - Malware Blog
    We’ve discovered a vulnerability in the Apache Cordova app framework that allows attackers to modify the behavior of apps just by clicking a URL. The extent of the modifications can range from causing nuisance for app users to crashing the apps completely. Designated as CVE-2015-1835, this high-severity vulnerability affects all versions of Apache Cordova up […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroTrend Micro Discovers Apache Vulnerability that Allows One-Click Modification of Android Apps
  • Chrome Lure Used in Facebook Attack despite Google’s New Policy

    TrendLabs - Malware Blog
    Just how effective is it for cybercriminals to keep using Google Chrome and Facebook to infect their victims with malware? We’ve already seen both platforms be used as parts of malicious social engineering schemes. Both Google and Facebook are aware of this and have taken steps to protect their users. The number of times malicious […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroChrome Lure Used in Facebook Attack despite Google’s New Policy
  • Attack of the Solo Cybercriminals – Frapstar in Canada

    TrendLabs - Malware Blog
    By now cybercrime has become the fastest growing criminal enterprise of the 21st century, run by efficient organizations with great professionalism. Today, news headlines are mostly about large-scale breaches orchestrated by large criminal syndicates. But smaller one-man operations can be equally devastating to the unwitting home users and businesses. This reminds us that cyber criminals […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroAttack of the Solo Cybercriminals – Frapstar in Canada
  • CTO Insights: Internet of Things — Whose Data Is It, Anyway?

    TrendLabs - Malware Blog
    Everywhere you look, it seems to be that everything is becoming “smart”.  On my wrist, I frequently wear a smart watch that monitors how many steps I take, what my heart rate is, and so on. At home, a smart thermostat can be controlled via an app, or even be programmed based on my own behavior. […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroCTO Insights: Internet of Things — Whose Data Is It, Anyway?
  • Joke or Blunder: Carbanak C&C Leads to Russia Federal Security Service

    TrendLabs - Malware Blog
    In an interesting turn of events, a C&C used in the Carbanak targeted attack campaign now resolves to an IP linked to the Russian Federal Security Service (FSB). Yesterday, while checking the indicator of compromise (IOC) data from the Carbanak report, when I noticed that the domain name systemsvc.net (which was identified as a C&C server in the report) now […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroJoke or Blunder: Carbanak C&C Leads to Russia Federal Security Service
  • Exploring CVE-2015-1701 — A Win32k Elevation of Privilege Vulnerability Used in Targeted Attacks

    TrendLabs - Malware Blog
    Our analysis of the win32k.sys vulnerability used in a recent targeted attack reveals that it opens up an easy way to bypass the sandbox, making it a bigger threat than originally thought. As mentioned in Microsoft security bulletin MS15-051, CVE-2015-1701 is an elevation of privilege vulnerability that exists when the Win32k.sys kernel-mode driver improperly handles […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroExploring CVE-2015-1701 — A Win32k Elevation of Privilege Vulnerability Used in Targeted Attacks
  • Attack Gains Foothold Against East Asian Government Through “Auto Start”

    TrendLabs - Malware Blog
    East Asian government agencies came under siege when attackers targeted several servers within their networks. The said attackers, who showed familiarity and in-depth knowledge of their agencies’ network topology, tools, and software, were able to gain access to their targeted servers and install malware. After which, they used the compromised servers not only as gateways to […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroAttack Gains Foothold Against East Asian Government Through “Auto Start”
  • New Router Attack Displays Fake Warning Messages

    TrendLabs - Malware Blog
    Just because security researchers report about threats doesn’t mean we’re exempted from them. I recently experienced an incident at home that involved tampered DNS router settings. I was redirected to warning pages that strongly resemble those used in previous FAKEAV attacks. I noticed that my home internet router DNS settings have been modified from its default settings. (My router […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNew Router Attack Displays Fake Warning Messages
  • Logjam Breaks Secure Key Exchange… Sometimes

    TrendLabs - Malware Blog
    Another flaw has been found in the basic encryption algorithms that secure the Internet. This flaw, named the Logjam attack by its discoverers (researchers from various universities and companies), allows an attacker that can carry out man-in-the-middle attacks to weaken the encryption used in secure connections (such as HTTPS, SSH, and VPNs). In theory, this means that […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroLogjam Breaks Secure Key Exchange… Sometimes
  • Steganography and Malware: Final Thoughts

    TrendLabs - Malware Blog
    Steganography will only become more popular, especially among the more industrious malware groups out there. For an attacker, the ability to hide stuff in plain sight is like peanut butter on chocolate: it makes their favorite thing even better. In the first two entries of this series, we explored which steganographic techniques are used by attackers to […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroSteganography and Malware: Final Thoughts

Market Place