• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Archives for October 2014

CVE-2014-4115 Analysis: Malicious USB Disks Allow For Possible Whole System Control

  • Posted on:October 31, 2014 at 11:15 am
  • Posted in:Vulnerabilities
  • Author:
    Moony Li (Threat Analyst)
1

One of the bulletins that was part of the October 2014 Patch Tuesday cycle was MS14-063 which fixed a vulnerability in the FAT32 disk partition driver that could allow for an attacker to gain administrator rights on affected systems, with only a USB disk with a specially modified file system. This vulnerability as also designated…

Read More
Tags: CVE-2014-4115MicrosoftStuxnetUSBvulnerability

Shellshock–Related Attacks Continue, Targets SMTP Servers

  • Posted on:October 29, 2014 at 9:03 pm
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Trend Micro
0

A new Shellshock attack targeting SMTP servers was discovered by Trend Micro.  Attackers used email to deliver the exploit. If the exploit code is executed successfully on a vulnerable SMTP server, an IRC bot known as “JST Perl IrcBot” will be downloaded and executed. It will then delete itself after execution, most likely as a…

Read More

An In-Depth Look Into Malicious Browser Extensions

  • Posted on:October 29, 2014 at 2:08 pm
  • Posted in:Malware, Social
  • Author:
    Brooks Li (Threats Analyst)
2

Malicious browser extensions bring about security risks as these often lead to system infection and unwanted spamming on Facebook. Based on our data, these attacks have notably affected users in Brazil. We have previously reported that cybercriminals are putting malicious browsers in the official Chrome Web store. We also came across malware that bypasses a Google security…

Read More
Tags: Facebookmalicious browser extensionsocial media

Flash Pack Exploit Leads to New Family of Malware

  • Posted on:October 29, 2014 at 12:15 pm
  • Posted in:Bad Sites, Exploits, Malware
  • Author:
    Jay Yaneza (Threats Analyst)
0

We have been continuously monitoring the FlashPack exploit, especially with the recent attack which affected Japanese users. We recently looked at our Smart Protection Network feedback and found in a new development that majority of the infected systems of FlashPack exploit came from the U.S. Figure 1. Top infected countries for the FlashPack exploit (based on feedback…

Read More
Tags: exploit kitFlashPack

Phishers Improve Scheme With Spoofed Google Drive Site

  • Posted on:October 29, 2014 at 3:11 am
  • Posted in:Bad Sites
  • Author:
    Joie Salvio (Threat Response Engineer)
0

Cybercriminals and attackers are leveraging Google Drive site and brand to go under the radar and avoid detection. Just last week, a targeted attack uses Google Drive as a means into getting information from its victims. This time, phishers are using a modified version of the legitimate Google Drive login page to steal email credentials. This attack…

Read More
Tags: Google DrivephishingSpam
Page 1 of 912 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.