Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2014
    S M T W T F S
    « Oct    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Malware’ Category




    We have been continuously monitoring the FlashPack exploit, especially with the recent attack which affected Japanese users. We recently looked at our Smart Protection Network feedback and found in a new development that majority of the infected systems of FlashPack exploit came from the U.S. Figure 1. Top infected countries for the FlashPack exploit (based on feedback from September 24-October 22) URL Usage and Malware Payload We checked the details of the URLs used by the FlashPack exploit and found that the exploit uses three ...

    Posted in Bad Sites, Exploits, Malware |



    We've frequently talked about how important it is for law enforcement and security companies to work together to stop cybercrime. One particular reason to do so is because of the nature of cybercrime: simply put, it has no borders. Perhaps more than any other type of crime, cybercrime respects no borders. A cybercriminal in Russia can have colleagues in the Ukraine, use servers in the United Kingdom, and target users in the United States. We work extensively with Interpol to help fight ...

    Posted in Malware |



    Despite the availability of fixes related to the Sandworm vulnerability (CVE-2014-4114), we are still seeing new attacks related to this flaw. These attacks contain a new routine that could prevent detection. A New Evasion Technique In our analysis of the vulnerability, we noted this detail: “…[T]he vulnerability exists in PACKAGER.DLL, which is a part of Windows Object Linking and Embedding (OLE) property. By using a crafted PowerPoint document, an .INF file in embedded OLE object can be copied from a remote SMB share ...




    Pawn Storm is an active economic and political cyber-espionage operation targeting a wide range of entities, mostly those related to the military, governments, and media. Specific targets include: Military agencies, embassies, and defense contractors in the US and its allies Opposition politicians and dissidents of the Russian government International media The national security department of a US ally The cyber criminals behind Operation Pawn Storm are using several different attack scenarios: spear-phishing emails with malicious Microsoft Office documents lead to SEDNIT/Sofacy malware, very selective exploits injected into legitimate websites that ...

    Posted in Malware, Targeted Attacks |



    We recently observed a new ransomware variant, TorrentLocker, that was targeted at nearly 4,000 organizations and enterprises, many of which are located in Italy. TorrentLocker is similar to an earlier ransomware family (CryptoLocker), and also encrypts various files and forces users to pay a sum of money. TorrentLocker uses the TOR anonymity network to hide its network traffic, which may have been the origin of its name. The said threat used spam email written in Italian with several templates as part of ...

    Posted in Malware, Spam |


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice