Top IT Security Bloggers

TrendLabs - Malware Blog
  • Android Security Bulletin Tackles Additional Critical Mediaserver Issues

    Google released their security bulletin for May, which once again tackles Critical vulnerabilities in Android’s Mediaserver component, a prevailing theme for the past few bulletins.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
  • Will Astrum Fill the Vacuum in the Exploit Kit Landscape?

    The decline of exploit kit activity—particularly from well-known exploit kits like Magnitude, Nuclear, Neutrino, and Rig during the latter half of 2016—doesn’t mean exploit kits are throwing in the towel just yet. This is the case with Astrum (also known as Stagano), an old and seemingly reticent exploit kit we observed to have been updated multiple times as of late.
    Astrum’s recent activities feature several upgrades and show how it's starting to move away from the more established malware mentioned above. It appears these changes were done to lay the groundwork for future campaigns, and possibly to broaden its use. With a modus operandi that deters analysis and forensics by abusing the Diffie-Hellman key exchange, it appears Astrum is throwing down the gauntlet.
  • After WannaCry, UIWIX Ransomware and Monero-Mining Malware Follow Suit

    WannaCry ransomware’s outbreak during the weekend was mitigated by having its kill switch domain registered. It was only a matter of time, however, for other cybercriminals to follow suit. Case in point: the emergence of UIWIX ransomware (detected by Trend Micro as RANSOM_UIWIX.A) and two notable Trojans our sensors detected.
  • Massive WannaCry/Wcry Ransomware Attack Hits Various Countries

    Earlier this year, two separate security risks were brought to light: CVE-2017-0144, a vulnerability in the SMB Server that could allow remote code execution that was fixed in March, and WannaCry/Wcry, a relatively new ransomware family that spread via Dropbox URLs in late April. These two threats have now been combined, resulting in one of the most serious ransomware attacks to hit users across the globe. Trend Micro detects the variants used in this attack as RANSOM_WANA.A and RANSOM_WCRY.I.
  • PUA Operation Spreads Thousands of Explicit Apps in the Wild and on Legitimate App Stores

    One of the most popular ways to make money online is through pornography—whether through legitimate distribution or different online scams. Last year we detected a new variant of the Marcher Trojan targeting users through porn sites, and the year before that popular porn apps were used as lures to compromise millions of mobile users in...
  • Microsoft Addresses Zero-Day Vulnerability Ahead of Patch Tuesday

    Microsoft addresses a zero-day vulnerability that exploits the Microsoft Malware Protection Engine before May's Patch Tuesday.
  • Persirai: New Internet of Things (IoT) Botnet Targets IP Cameras

    By Tim Yeh, Dove Chiu and Kenney Lu. A new Internet of Things (IoT) botnet called Persirai (detected by Trend Micro as ELF_PERSIRAI.A) has been discovered targeting over 1,000 Internet Protocol (IP) Camera models based on various Original Equipment Manufacturer (OEM) products. This development comes on the heels of Mirai—an open-source backdoor malware that caused some of the most...
  • iPhone Phishing Scam Crosses Over Physical Crime

    In late April a friend of mine had his iPhone stolen in the streets—an unfortunately familiar occurrence in big, metropolitan areas in countries like Brazil. He managed to buy a new one, but kept the same number for convenience. Nothing appeared to be out of the ordinary at first—until he realized the thief changed his Facebook password.
    Fortunately, he was able to recover and update it, as his phone number was tied to his Facebook account. But a pickpocket accessing his victim’s Facebook account is quite unusual. After all, why would a crook be interested in his victim’s Facebook account when the goal is usually to use or sell the stolen device? It didn’t stop there; a day after, my friend curiously received a phishing SMS message on his new phone.
    What’s interesting here is the blurred line between traditional felony and cybercrime—in particular, the apparent teamwork between crooks and cybercriminals that results in further—possibly more sophisticated—attacks.
  • Compromising Industrial Robots: The Fallacy of Industrial Routers in the Industry 4.0 Ecosystem

    The increased connectivity of computer and robot systems in the Industry 4.0 ecosystem is, and will be, exposing robots to cyber attacks in the future. Indeed, industrial robots—originally conceived to be isolated—have evolved, and are now exposed to corporate networks and the internet.
    While this provides synergy effects and higher efficiency in production, the security posture is not on par. In our latest report, Rogue Robots: Testing the Limits of an Industrial Robot’s Security, we analyzed how easily an industrial-grade robot could actually be “hacked”. We demonstrated how easily an attacker is able to alter an industrial robot’s accuracy without changing the program code so that minor defects can be (maliciously) introduced into work pieces. Needless to say, defective products can have repercussions on the production floor and, depending on the security and QA practices of the target factory, may have some financial consequences down the line.
  • Cerber Version 6 Shows How Far the Ransomware Has Come (and How Far it’ll Go)

    Cerber set itself apart from other file-encrypting malware when its developers commoditized the malware, adopting a business model where fellow cybercriminals can buy the ransomware as a service. The developers earn through commissions—as much as 40%—for every ransom paid by the victim. Coupled with persistence, Cerber turned into a cybercriminal goldmine that reportedly earned its developers $200,000 in commissions in a month alone last year.
    Being lucrative and customizable for affiliates, it’s no wonder that Cerber spawned various iterations. Our coverage of unique Cerber samples—based on feedback from Smart Protection Network™—shows enterprises and individual users alike are taking the brunt, with the U.S. accounting for much of Cerber’s impact. We’ve also observed Cerber’s adverse impact among organizations in education, manufacturing, public sector, technology, healthcare, energy, and transportation industries.
    A reflection of how far Cerber has come in the threat landscape—and how far it’ll go—is Cerber Version 6, the ransomware’s latest version we’ve uncovered and monitored since early April this year. It sports multipart arrival vectors and refashioned file encryption routines, along with defense mechanisms that include anti-sandbox and anti-AV techniques.
