• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Current News   »   This Week in Security News: Spam Campaigns and Vulnerable Infrastructures

This Week in Security News: Spam Campaigns and Vulnerable Infrastructures

  • Posted on:November 2, 2018
  • Posted in:Current News, Security
  • Posted by:
    Jon Clay (Global Threat Communications)
0

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, see how cybercriminals have learned to become more creative with malware through spam campaigns. Also, understand why securing energy and water should remain top priority in integration of the industrial IoT.

Read on:

Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments

As cybersecurity defenses continue to improve, cybercriminals have learned to become more creative with malware.Ā Trend Micro encountered threats being packaged inside old file types in spam campaigns.Ā 

Internet freedom continues to decline around the world, a new report says

Digital authoritarianism is on the rise, according to a new report from a group that monitors internet freedoms.Ā Freedom House, a pro-democracy think tank, said today that governments are seeking more control over users’ data while also using laws nominally intended to address ā€œfake newsā€ to suppress dissent. It marked the eighth consecutive year that Freedom House found a decline in online freedoms around the world.

HHS Opens Health Cybersecurity Coordination Center

The Department of Health and Human Services opened a cybersecurity center designed to support and improve the cyber defense of the U.S. healthcare industry.Ā 

Ransomware Threat Continues: How Infections Take Place

According to Trend Micro’s report,Ā there has only been a slight increase in ransomware detection so far in 2018. However, this doesn’t make ransomware any less of a threat to enterprise security.

Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware

Trend Micro recently observed cases of abuse of the systems running misconfigured Docker Engine-Community with Docker application program interface (API) ports exposed.Ā Ā 

Apple’s T2 Security Chip Makes it Harder to Tap MacBook Mics

To defend against eavesdropping malware, Apple’s T2 security chip will now include a mechanism to cut off a laptop’s microphone at a hardware level whenever the lid is closed.

Disrupting the Flow: Exposed and Vulnerable Water and Energy Infrastructures

AsĀ vulnerabilities in the systems behind CIs increase, specifically forĀ supervisory control and data acquisition human machine interfaces, it’s important to look at what risks these critical sectors face.

Spam Campaign Targets Japan, Uses Steganography to Deliver the BEBLOH Banking Trojan

This campaign is notable for its use of steganography, which hides malicious code in unexpected mediums (i.e., images) to evade signature-based detection.

Critical Infrastructures Exposed and at Risk: Energy and Water Industries

Securing energy and water should remain top priority in the continuing integration of the industrial internet of things in these critical sectors.Ā 

British Airways Says Data Breach Larger Than Estimated

International Consolidated Airlines Group SA said 185,000 more British Airways passenger records were potentially stolen in a recent data breach, on top of the 380,000 credit card records previously reported.

Network Threats Examined: Clustering Malicious Network Flows with Machine Learning

Cybercriminals are increasingly usingĀ evasion tacticsĀ to bypass detection methods, and proactive techniques are needed to discover a malware infection before it leads to a threat.

Perl-Based Shellbot Looks to Target Organizations via C&C

Trend Micro uncovered an operation of a hacking group, which we’re naming ā€œOutlawā€, involving the use of an IRC bot built with the help of Perl Shellbot.

Trickbot Shows Off New Trick: Password Grabber Module

Trickbot now has a password grabber module that steals access from several applications and browsers, such as Microsoft Outlook, Google Chrome, Internet Explorer, Microsoft Edge, and more.Ā 

This is How Hackers Can Take Down our Critical Energy Systems Through the Internet

Researchers from Trend Micro published a report on the ways that Human Interface Systems (HMI), which are found in thousands of utilities worldwide, can be exploited.Ā 

InfoSec Guide: Remote Desktop Protocol (RDP)

The increasing attack incidences via Remote Desktop Protocol (RDP) have prompted theĀ FBI to release an alertĀ informing businesses to establish preventive measures.

Do you think it’s important for critical infrastructures to use proactive techniques to secure energy and water sectors? Why or why not? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

Related posts:

  1. This Week in Security News: Phishing Campaigns and a Biometric Data Breach
  2. This Week in Security News: Spam Campaigns and Cryptocurrency Miners
  3. This Week in Security News: Spam Campaigns and Mobile Malware
  4. This Week in Security News: Cyberespionage Campaigns and Botnet Malware

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Detected Cyber Threats Rose 20% to Exceed 62.6 Billion in 2020
  • Trend Micro Recognized on CRN Security 100 List
  • Trend Micro Reports Solid Results for Q4 and Fiscal Year 2020
  • Connected Cars Technology Vulnerable to Cyber Attacks
  • Trend Micro Asks Students How Their Relationship to the Internet Has Changed During COVID-19
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, ę—„ęœ¬, ėŒ€ķ•œėÆ¼źµ­, å°ē£
  • Latin America Region (LAR): Brasil, MĆ©xico
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Ɩsterreich / Schweiz, Italia, Š Š¾ŃŃŠøŃ, EspaƱa, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.