• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Archives for June 2009

To *** or Not to Mask: Usability Versus Security in Password Masking

  • Posted on:June 30, 2009 at 1:11 am
  • Posted in:Bad Sites
  • Author:
    Ben April (Threat Researcher)
2

On June 23, Jakob Nielsen posted an article declaring that password masking on the user interface is more harmful in terms of usability than helpful to the security of an application to which Bruce Schneier, in a June 26 blog post agreed. Both argued that masking the characters when a user enters a password is…

Read More

Michael Jackson Video Leads to Malware Download

  • Posted on:June 29, 2009 at 12:07 am
  • Posted in:Malware, Spam
  • Author:
    Argie Gallego (Anti-spam Research Engineer)
8

Cybercriminals once again used the passing of Michael Jackson, the ‘King of Pop,’ a few days ago as an opportunity to go about with their malicious activities and attack innocent users. We spotted an email (see Figure 1 below) about Michael Jackson’s death written in Spanish claiming to be from CNN Mexico. Upon closer analysis…

Read More

Files for Ransom… or Not

  • Posted on:June 28, 2009 at 11:33 pm
  • Posted in:Malware, Spam
  • Author:
    Jessa De La Torre (Senior Threat Researcher)
4

A new ransomware spreading through email is on the loose. On the outset, the worm detected by Trend Micro as WORM_RANSOM.FD may look like a normal mass-mailing worm but further analysis reveals that this comes with a deadly payload. With only a few exceptions (files with .rwg, .dll, .exe, .ini, .vxd, and .drv extensions are…

Read More

New Koobface Component: A DNS Changer

  • Posted on:June 28, 2009 at 6:12 pm
  • Posted in:Bad Sites, Botnets, Malware
  • Author:
    Ryan Flores (Threat Research Manager)
2

Aside from the new Twitter component we’ve also seen Koobface download a new component with the filename dns.exe, whose main purpose, it seems, is to modify the system’s DNS registry settings. It is accomplished by inserting 213.174.139.72 (IP of the rogue DNS server) into the values of NameServer and DhcpNameServer found in the following registry…

Read More

New Anti-analysis Technique for Script Malware

  • Posted on:June 28, 2009 at 1:42 pm
  • Posted in:Malware
  • Author:
    Jonathan San Jose (Threats Analyst)
3

Recently, we came across JS_VIRTOOL which uses certain Javascript techniques so that encrypted code may not be decrypted and analyzed by a malware analyst. Here is how this is done: It retrieves the URL where the malicious script is located. It retrieves its own function and adds the string of the URL. It computes the…

Read More
Page 1 of 812 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.