As PayPal celebrates its 10th anniversary this year, the Trend Micro Content Security Team also discovered a phishing website that uses the occasion to lure users into its trap. This fraudulent site informs online visitors that PayPal is throwing a party to celebrate the anniversary, supposedly as a way of letting its customers know how…Read More
Just like the floppy disk during its heydays, the USB drive, commonly called the thumb drive or flash disk, is the preferred removable storage media due to its portability and data storage capacity. However, its popularity may prove to be useful for attackers as a propagation vector for malware and as a tool for breaching…Read More
Thanks to the Internet of Things (IoT), the world is now much more connected. While IoT brings about many benefits and has made life easier for us, there are some important questions we still have to ask: is IoT also making the world a little less secure? More importantly, is IoT making us vulnerable to attackers?Read More
2016 was the year when ransomware reigned. Bad guys further weaponized extortion into malware, turning enterprises and end users into their cash cows by taking their crown jewels hostage. With 146 families discovered last year compared to 29 in 2015, ransomware’s rapid expansion and development are projected to spur cybercriminals into diversifying and expanding their platforms, capabilities, and techniques in order to accrue more targets.
Indeed, we’ve already seen them testing new waters by tapping the mobile user base, and more recently developing ransomware for other operating systems (OS) then peddling it underground to affiliates and budding cybercriminals. Linux.Encoder (detected by Trend Micro as ELF_CRYPTOR family) was reportedly the first for Linux systems; it targeted Linux web hosting systems through vulnerabilities in web-based plug-ins or software such as Magento’s. In Mac OS X systems, it was KeRanger (OSX_KERANGER)—found in tampered file-sharing applications and malicious Mach-O files disguised as a Rich Text Format (RTF) documents. Their common denominator? Unix.Read More
In September 2016, we noticed that operators of the updated CRYSIS ransomware family (detected as RANSOM_CRYSIS) were targeting Australia and New Zealand businesses via remote desktop (RDP) brute force attacks. Since then, brute force RDP attacks are still ongoing, with both SMEs and large enterprises across the globe affected. In fact, the volume of these attacks doubled in January 2017 from a comparable period in late 2016. While a wide variety of sectors have been affected, the most consistent target has been the healthcare sector in the United States.Read More