• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Archives for May 2008

XSS Methods Also Seen Being Used in Mass Compromises

  • Posted on:May 31, 2008 at 9:37 pm
  • Posted in:Malware, Vulnerabilities
  • Author:
    Joseph Pacamarra (Threats Analyst)
0

XSS (Cross-Site Scripting) Very Much Alive and Kicking We were about to investigate further on malicious activities related to banner82(dot)com/b.js but the URL was already inaccessible around Tuesday. Soon enough the malicious script in www(dot)adw95(dot)com caught our interest. A rough survey of the sites compromised by this script reveal that the sites involved some cross-site…

Read More
Tags: mass compromiseSQLXSS

Bogus Microsoft Update Delivers Nasty File Infector

  • Posted on:May 31, 2008 at 9:20 pm
  • Posted in:Malware, Spam
  • Author:
    Bernadette Irinco (Technical Communications)
1

Even though Patch Tuesday is still two weeks from now, crimeware authors are already sending out fake Microsoft “critical updates.” The TrendLabs Content Security Team recently found a hoax purporting to be from Microsoft that urges users to update their computers due to a “critical security issue”. The email, which has the subject heading Important…

Read More

Info Stealer Trojan Arrives With News of Nardoni Case

  • Posted on:May 31, 2008 at 8:46 pm
  • Posted in:Malware, Spam
  • Author:
    Bernadette Irinco (Technical Communications)
1

Malware criminals generally revert to old-school social engineering as they continually employ another newsworthy item in their latest ploys. Just recently, TrendLabs Content Security team discovered spam email messages that rode on interest around the case of Alexandre Nardoni. Nardoni, a law consultant, who was accused of allegedly killing his daughter, Isabella Nardoni, in their…

Read More

Total Recall: The Month of Mass Compromises

  • Posted on:May 30, 2008 at 3:26 am
  • Posted in:Bad Sites
  • Author:
    Arman Capili (Technical Communications)
0

It is that month of the year when flowers are in full bloom and people celebrate them in festive events. And it seems that same eventful—but darker—tone can be used to describe the month of May for the security industry. Trend Micro has so far documented several mass compromises of Web sites around the world…

Read More
Tags: iFrameJavaScriptSQL injectionweb sites compromises

National Bank of Kuwait Phished

  • Posted on:May 30, 2008 at 3:14 am
  • Posted in:Mobile
  • Author:
    Abigail Villarin (Fraud Analyst)
0

Banks all over the world are fast taking on the challenge (and opportunity) of bringing part of their operations online. Sadly, being spoofed in a phishing attack is one of the risks financial services companies have to continually address via user education. Early this week we were able to catch a phishing attempt targeted at…

Read More
Tags: MobileNBK
Page 1 of 812 › »

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Going In-depth with Emotet: Multilayer Operating Mechanisms
  • February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server
  • Various Google Play ‘Beauty Camera’ Apps Send Users Pornographic Content, Redirect Them to Phishing Websites and Collect Their Pictures
  • Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
  • Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.