NOMINATIONS NOW OPEN

Top IT Security Bloggers

TrendLabs - Malware Blog
  • MIRCOP Crypto-Ransomware Channels Guy Fawkes, Claims To Be The Victim Instead

    TrendLabs - Malware Blog
    Ransomware behavior has been the talk of the town. We have seen oddly long ransom payment deadlines from GOOPIC, password stealing capabilities from RAA, chat support from the latest JIGSAW variant, and all these are just incidents discovered this June. But among these new behaviors, we came across a truly unique behavior in MIRCOP crypto-ransomware.
    Detected as RANSOM_MIRCOP.A, MIRCOP places the blame on users and does not give victims instructions on how to pay the ransom. In fact, it assumes that victims already know how to pay them back.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    MIRCOP Crypto-Ransomware Channels Guy Fawkes, Claims To Be The Victim Instead
  • After Angler: Shift in Exploit Kit Landscape and New Crytpo-Ransomware Activity

    TrendLabs - Malware Blog
    Early this year, we reported that in 2015, Angler came out as the top exploit kit, having contributed 59.5% in the total exploit kit activity for the year. Now, there’s barely any pulse left.
    After the arrest of 50 people accused of using malware to steal US$25 million, it is interesting to note that Angler basically stopped functioning. With Angler’s reported inactivity, it appears that cybercriminals are scrambling to find new exploit kits to deliver malware. Angler had been the exploit kit of choice because it was the most aggressive in terms of including new exploits and it was able to apply a lot of antivirus evasion techniques such as payload encryption and fileless infection.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    After Angler: Shift in Exploit Kit Landscape and New Crytpo-Ransomware Activity
  • ‘GODLESS’ Mobile Malware Uses Multiple Exploits to Root Devices

    TrendLabs - Malware Blog
    We came across a family of mobile malware called Godless (detected as ANDROIDOS_GODLESS.HRX) that has a set of rooting exploits in its pockets. By having multiple exploits to use, Godless can target virtually any Android device running on Android 5.1 (Lollipop) or earlier. As of this writing, almost 90% of Android devices run on affected versions. Based on the data gathered from our Trend Micro Mobile App Reputation Service, malicious apps related to this threat can be found in prominent app stores, including Google Play, and has affected over 850,000 devices worldwide.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    ‘GODLESS’ Mobile Malware Uses Multiple Exploits to Root Devices
  • JScript-toting Ransomware Can Steal Your Passwords and Bitcoin Wallets, Too

    TrendLabs - Malware Blog
    In an effort to develop a target base and increase the conversion rate of victims, ransomware perpetrators will try to veer away from well-known families and create new family sporting seemingly new techniques—with varying degrees of practicality.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    JScript-toting Ransomware Can Steal Your Passwords and Bitcoin Wallets, Too
  • Banking Trojans as a Service—Theft Made Easy in Brazil

    TrendLabs - Malware Blog
    As a known banking Trojan center, it’s not surprising when Brazil’s cybercriminals launch what could be considered “banking Trojans as a service.” In this particular case, a skilled cybercriminal started offering a fully functional banking Trojan and its associated infrastructure for rent, to be used by less-skilled crooks.
    This particular threat caught our eye because of its ad, which included demonstration videos on YouTube. Its creator, “Ric”, offers the services of this particular banking Trojan for rent, which costs approximately US$600 for a 10-day period. The service includes a comprehensive, highly capable, and well-designed console, as well as the capability to bypass additional authentication steps used by banks in Brazil.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    Banking Trojans as a Service—Theft Made Easy in Brazil
  • Why Ransomware Works: Tactics and Routines Beyond Encryption

    TrendLabs - Malware Blog
    How do companies regardless of size and industry prepare for ransomware attacks? A recent study revealed that businesses are considering saving up Bitcoins, just in case they get hit by these threats and can recover their confidential files in a short span of time. While we don’t recommend succumbing to the ransom payment as it doesn’t guarantee that you’ll get your files back plus you’ll be prone to more ransomware attacks, we can’t also blame these large organizations and businesses for doing so.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    Why Ransomware Works: Tactics and Routines Beyond Encryption
  • Unsupported TeamViewer Versions Exploited For Backdoors, Keylogging

    TrendLabs - Malware Blog
    Users of the TeamViewer remote-access service have been complaining in recent weeks about how their systems have been hacked into, unauthorized purchases made on their cards, their bank accounts emptied. Initially it was believed that this was due to a hack into TeamViewer itself, but the company has denied this. Instead, they have blamed password re-use, especially with millions of old passwords in the wild thanks to disclosed social network breaches.
    Others have speculated that malware could be in use somehow, and that may be the case. We have evidence that trojanized TeamViewer installer packages have been used in a spam campaign that resulted in attackers gaining remote access to various systems. While this particular spam campaign used an old version of TeamViewer, we can't dismiss the possibility of other attacks using newer versions.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    Unsupported TeamViewer Versions Exploited For Backdoors, Keylogging
  • June Patch Tuesday Contains 16 Bulletins, Five Rated Critical

    TrendLabs - Malware Blog
    System administrators from all over the world know what the second Tuesday of the month brings: the regularly scheduled bounty of patches from Microsoft and other vendors. Because June started on a Wednesday, this month’s Patch Tuesday was on June 14, which is the latest it can be in any given month. This month’s volume...
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    June Patch Tuesday Contains 16 Bulletins, Five Rated Critical
  • FLocker Mobile Ransomware Crosses to Smart TV

    TrendLabs - Malware Blog
    Using multiple devices that run on one platform makes life easier for a lot of people. However, if a malware affects one of these devices, the said malware may eventually affect the others, too. This appears to be the case when we came across an Android mobile lock-screen ransomware, known as “FLocker,” that is capable of locking smart TVs as well.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    FLocker Mobile Ransomware Crosses to Smart TV
  • JIGSAW Crypto-Ransomware Turns Customer-Centric, Uses Chat for Ransom Attempts

    TrendLabs - Malware Blog
    Good customer service is part of running a successful business. It shouldn't be a surprise that even crypto-ransomware purveyors are now thinking of ways to make the process of paying for crypto-ransomware easier. The innovation brought forth by some new JIGSAW variants? Instead of using dark web sites, it communicates to the user via... live chat.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    JIGSAW Crypto-Ransomware Turns Customer-Centric, Uses Chat for Ransom Attempts

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release

Market Place