Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    November 2012
    S M T W T F S
    « Oct   Dec »
  • Email Subscription

  • About Us

    Archive for November 15th, 2012

    The Police Ransomware is not a new threat but has been evolving at a tremendous pace. Here we are talking about Trojans which don’t let the victims use their computer until they pay a “fine” for doing naughty things. To do this, they impersonate local police forces by using the infected user’s regional settings – in other words, they use the victim’s local language and the logos of their country’s police.

    Last October, I published a new paper on the subject that touched less on the technical part of the attack and more on the financial side. When I talk about this topic, a lot of people often ask me: how are these Eastern European cybercriminal outfits able to keep using the same fancy payment methods? Can’t we follow the money trail? Well, not really.

    The use of online vouchers as a method of payment for the scam has allowed these gangs to completely hide any money trail. This is an intriguing topic in itself, so I recommend you to check it out whether you’re a techie or just interested in the evolution of cybercrime. I wrote the paper for Virus Bulletin, which was held in Dallas last September, although my colleague Loucif Kharouni covered for me for the actual presentation. I finally did present it at B-Sides Sao Paulo in October, and you can find a video recording of that talk here. We have previously released paper on this particular series of attacks, which you can read here.

    If you think this is something interesting and want to know more about it, why don’t you download the paper and give it a read?

    Posted in Malware | 1 TrackBack »

    2:28 am (UTC-7)   |    by

    Earlier, we talked about how ordinary users can use NFC securely. However, truly widespread adaptation of NFC is only going to happen if businesses adopt it for their own use. How can businesses safely use NFC for their own purposes?

    For one of the most popular uses of NFC – mobile payments – businesses really aren’t in a position to use their own solution; what’s more likely is that businesses will adapt some sort of existing mobile payment system. Both credit card and mobile providers are trying to enter this space, but both groups will support NFC. In such a situation, what businesses can do is ensure that their solution is from a reputable vendor, and to keep themselves informed about any potential security loopholes in the solution they adopt.

    However, payment systems are far from the only use of NFC in businesses. At the simple end, it can be something like letting people visit a website without typing a URL or scanning a QR code. However, as the standard develops, something like this becomes possible: a shop wants to offer free WiFi to its customers, but doesn’t necessarily want to expose it to the entire world. What they can do is put an NFC tag at the entrance that customers entering can swipe to set their phone’s WiFi settings.

    NFC tags could also be used to automatically update someone’s social media – it’s easy to imagine a tag for Twitter, another for Facebook, and another for Foursquare (just to cite three popular social networks that one might be interested in using on the go). All of this can be done either now, or are quite likely to become possible in the near future.

    Read the rest of this entry »

    Posted in Mobile | Comments Off on Safe NFC For Businesses


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice