• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Archives for May 2012

Specially Crafted .HWP File Used for Korean Targeted Campaign

  • Posted on:May 24, 2012 at 5:40 am
  • Posted in:Exploits, Malware, Targeted Attacks, Vulnerabilities
  • Author:
    Roland Dela Paz (Threat Researcher)
0

A few weeks ago, we have been alerted by our colleagues from Korea to a specially crafted Hangul Word Processor document (.hwp) that exploits an application vulnerability in the Hancom Office word processing software. The file extension .HWP is a popular Korean word processor file format – just the right format for targeting Korean prospective…

Read More

Beta Version of Spytool App for Android Steals SMS Messages

  • Posted on:May 21, 2012 at 1:24 am
  • Posted in:Bad Sites, Malware, Mobile
  • Author:
    Yoshikawa Takashi (Threats Analyst)
3

During my investigation of mobile threats in the wild, I discovered a spytool, which is currently available on Google Play, that is actively being discussed on certain hacker forums. This tool’s beta version is available on the site since March 11. An estimated 500 – 1000 users have already downloaded the said spytool, which Trend…

Read More

Bogus Pinterest Pins Lead to Survey Scams

  • Posted on:May 18, 2012 at 1:18 pm
  • Posted in:Social
  • Author:
    Paul Pajares (Fraud Analyst)
0

The continuing increase in visitors to the Pinterest site may be a primary reason why it’s becoming a hit for cybercriminals’ scams and schemes. In March, we spotted scammers using popular brands to lure users into “pinning” fake posts that led to surveys scams. This new wave of survey scams I found came from my…

Read More

Cloud-based Services Vulnerabilities Also Used in Targeted Attacks

  • Posted on:May 18, 2012 at 3:50 am
  • Posted in:Bad Sites, Exploits, Targeted Attacks, Vulnerabilities
  • Author:
    Nart Villeneuve (Senior Threat Researcher)
1

Recently, Trend Micro researchers encountered a potential vulnerability that affected users of Yahoo! Mail. We discovered several emails used in targeted attacks that contained JavaScript in the “From” field that attempted to launch a Document Object Model (DOM)-based cross-site scripting attack against the recipients of the email. However, we were not able to replicate the…

Read More

Worm Spreads via Facebook Private Messages, Instant Messengers

  • Posted on:May 17, 2012 at 1:42 am
  • Posted in:Bad Sites, Malware, Social
  • Author:
    Cris Pantanilla (Threat Response Engineer)
7

We recently received reports about private messages found on Facebook and distributing a link, which is a shortened URL pointing to an archive file “May09-Picture18.JPG_www.facebook.com.zip”. This archive contains a malicious file named “May09-Picture18.JPG_www.facebook.com” and uses the extension “.COM”. Once executed, this malware (detected as WORM_STEKCT.EVL) terminates services and processes related to antivirus (AV) software, effectively…

Read More
Page 2 of 5 ‹ 123 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.