
    Author Archive - Paul Oliveria (Technical Communications)

    Apple will once again take center stage on October 22, when they (probably) unveil new versions of the iPad, iPad mini, MacBook Pro, and the Mac Pro. We will be once again on the lookout for scams and malware that will exploit this event, as they did with the iPhone 5s.

    The threats mentioned above also reiterate what we’ve said before: Mac users are not immune to cybercrime. In today’s landscape where information can be accessed practically anywhere, threats to data are no longer dependent on the type of device or operating system one is using.

    One example is the continued—and even growing—exploitation of vulnerabilities found in cross-platform applications like Adobe or Java, which had several bouts of zero-day incidents during the first quarter of this year. For end users who have access to both a PC and a Mac, protecting themselves from these exploits would mean, at the very least, installing security updates for each of these platforms once they become available.

    For enterprises, this task is compounded ten- or even hundred-fold, especially because they have to manage not just PCs and Macs, but also Android, iOS, and other endpoints that connect to their networks. With consumerization and bring-your-own-device trends happening, the endpoint “ecosystem” is getting fragmented further.

    This mixed bag of devices and OSes can pose several challenges for IT administrators. Controlling these devices and maintaining visibility over events is more difficult. Again, we are not just talking about PC and Mac threats here: our researchers have so far uncovered threats that affect both desktops and mobile, too.

    Another challenge is the deployment of preventive measures like patches and security updates. As such, organizations should have an endpoint strategy that is composed of not only the appropriate solutions and technologies, but also of well-thought-out data security policies. More information can be found in our latest Security In Context Primer: Managing Multiple Devices: Integrated Defense Against Cross-Platform Threats.

    Posted in Bad Sites | Comments Off on On Macs, Cross-Platform Threats, and Managing Multiple Devices

    During last week’s Apple iPhone announcement, one of the standout features that was mentioned was the 5s’s fingerprint sensor, called Touch ID. With this technology, iPhone users can use a fingerprint as a substitute for passwords to unlock the home screen and verify purchases in iTunes and App Store.

    Substitute is the operative word. Technology like Touch ID may well become a good added layer for securing accounts against hackers and even malware, but it will be a very long time before we can forgo all passwords entirely.

    From a security standpoint, Touch ID looks good on paper, and hopefully that also translates to the real world (hands-on demos are mostly positive, but we’ll see more once iPhone 5s rolls out in December). Biometrics is not new, and we’ve seen in the past how Play-Doh can trick fingerprint sensors. The iPhone 5s will not even be the first phone to introduce fingerprint scanning, which shows that technologies like these need to be implemented properly, especially when being introduced to the oft-demanding consumer market.

    Exception Rather Than The Rule

    It should also be said that technologies like these are more of the exception rather than the rule. Granted, other services may well be thinking of their own ways to address the “password problem.” For instance, a day prior to the Apple event, a Google executive was quoted as saying that “passwords are done” and that they are finding ways to innovate. Until such time that these innovations become mainstream (and hopefully standardized), users will still have to log on to their accounts by using passwords.

    We should also consider the fact that most users have more than one device to access online accounts, and these devices have their own hardware specifications. Touch ID may work well in purchasing songs via iPhone, and maybe soon in other Apple products, but if you’re going to have to access iTunes via PC, you still need your password.

    Passwords are Still Key, But Manage Them Properly

    The bottom line here is that passwords are still an important security aspect of everyone’s digital life. Granted, managing them can be a tedious task—length and complexity are needed now more than ever, especially now that even long passphrases can be brute forced. Secure computing habits, password managers like Trend Micro DirectPass, and even the built-in security features of mobile phones and other devices (yes, like the upcoming Touch ID) can help.

    To know more on how to secure your passwords across multiple devices, check out our latest Digital Life e-Guide below:



    Posted in Bad Sites | Comments Off on Fingerprint Scans, Passwords, and Managing Online Accounts

    Much of the current discussion surrounding the growing—and inevitable—trend of consumerization is focused on the impact of bring-your-own-device (BYOD) and managing the growing diversity of mobile devices. However, another aspect that IT administrators and even business owners should not forget to consider is the other consumer-oriented technologies and services employees may have access to in the workplace.

    Like BYOD, the benefits that come along with consumer technologies like instant messaging applications and social networking sites also bring about certain risks to corporate data. For one, these “consumerized” applications have had their fair share of threats that exploited their capabilities for cybercriminals’ and other threat actors’ gain.

    What Goes In, What Goes Out

    Recently, a backdoor was discovered to be attempting to compromise thousands of WordPress blogs through a brute-force attack. This poses a risk to organizations that may be using this blogging platform for corporate communications.

    Last week’s discovery of the Citadel botnet’s resurgence in Japan can be another example. According to our researchers, the recent campaign was found to be targeting customers of banking and financial institutions that are native only to Japan, specifically those with webmail accounts. This “localized” tactic is notable in itself. If put in the context of, say, a Japanese employee accessing his or her Gmail account in the office and accidentally setting off data-stealing malware in the corporate network, then the repercussions can increase exponentially.

    But beyond malware, web threats, and other attacks that will attempt to go inside the organizations’ perimeters and get access to information, the risks these consumer applications can bring may also come in the data they can bring out. As predicted, we have seen cybercriminals abuse legitimate services to carry out their attacks. The VERNOT malware is an example of such an attack: it abuses a popular (and consumer-friendly) cloud storage service to send whatever data it gathers from an infected machine.

    In addition, some businesses may have strong perimeter defense, but may not have the adequate technologies or capabilities to monitor data packets passing through “normal” Web traffic these applications use. Thus, system IT administrators may be blind to employees who are (un)wittingly disclosing information about the company through their personal emails or instant messaging conversations.

    Balancing Freedom and Control

    Organizations need to find a balance between providing enough freedom for their employees and maintaining visibility and control over their data, wherever and however they are accessed. Having a solid plan to embrace consumerization in all its technological aspects—device, software, platform, etc.—is the first step to do so. More importantly, clear and well-thought-out policies (which should include strong employee awareness programs), as well as the proper technologies and solutions to identify and protect the most critical corporate data, should also be put in place.

    To know more about managing data in consumer applications and services, check out our latest primer and infographic:

    Posted in Mobile, Social | Comments Off on Corporate Data on Consumer Applications: Striking a Balance


    Some of the apps discussed in this blog entry were developed with an older adware SDK that did not contain opt-in provisions, particularly regarding the ability to collect information and display ads outside of the original app. The adware SDK has since been updated to include this capability to comply with Google’s developer policies; apps that use this newer version are no longer considered high-risk.

    More details about this change can be found in our December 2012 Monthly Mobile Review: The Hidden Risk Behind Mobile Ad Networks.

    Valentine’s Day is here, and once again, we remind users to be careful online during this special occasion, whether or not you have a reason to celebrate it. Several entries in this blog should have already established Valentine’s Day (or love in general) as a favorite topic used by cybercriminals, and this year is no exception. Granted, with today’s more digitally connected lives, other love- and relationship-related issues come to mind—online privacy and reputation management (do you share passwords with your loved ones?) and inappropriate content (sexting), to name a few—but looking at the data gathered through the global sensors of our Smart Protection Network™, the more, shall we say, “old-school” web threats are still getting some traction.

    Below is a 30-day snapshot of hits to malicious sites and detected files with the keyword “valentine” in them:


    Figure 1. Malicious URL hits related to “valentine” from January to Feb. 14


    Figure 2. Malware detections related to “valentine” from January to Feb. 14

    The increasing trend as February 14 approaches is not surprising. Nor is the correlation between the file and web reputation; indeed, it seems that the majority of the Valentine-related threats that affected users are Trojans that usually arrive via malicious sites. We can assume here that these users were searching for something Valentine-related, clicked a link, and the Trojan was downloaded automatically.

    But what are these users actually looking for? “My Bloody Valentine” (which refers to pirated copies of both the movie and the music band) aside, several of the URL keywords we’ve seen still reflect the commercial side of Valentine’s Day. These range from coupons, to e-cards, to “last-minute gift ideas.” What is more interesting to note, though, is that some of these keywords reflect the user’s “post-PC” behavior: terms like “free download happy valentine day 2012 love quotes funny sms text” and the several “wallpaper backgrounds” or “animated gifs” were seen, indicating the shift of user behavior towards something more social (posting images and gifs in Facebook or Tumblr) and mobile (sending texts, MMS, etc.).



    In TrendLabs, it has become somewhat of a tradition for our researchers to remind readers of the things cybercriminals do to scare them into falling into their traps. After all, not only do they take advantage of these trick-or-treating festivities to send e-cards or poison search results, the malicious tweets, disturbing Facebook posts, and the scareware that are still plaguing users happen all year round. We even did an infographic last year to sum up these tactics.

    Today, cybercriminal activities, hackers, and malware are just one aspect of our digital lives that we need to be scared of. So we asked ourselves: what are we really afraid of?

    A study* we recently conducted found that while 7 out of 10 users feel that it is their personal responsibility to protect their and their family’s online security, only 4 out of 10 feel they know how to do so. Other fears/concerns that came up touch on relevant issues like privacy and data loss.

    Are these fears rooted in something? It turns out that some of our online activities may be a contributing factor after all. Worried about the information posted on your social networking account? You should be, if you don’t change your privacy settings. And did you know that according to Mashable, 1 out of 4 people in the U.S. do not back up their data at all?

    These interesting findings can be found in our latest infographic. It is interesting to note, too, that our digital “phobias” almost have the same manifestations as real-life ones (athazagoraphobia, anyone?).

    *Based on a Trend Micro survey sent to 1,000 respondents in the United States, United Kingdom, and Australia

    Posted in Bad Sites | Comments Off on Are You Scared for Your Digital Life?


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice