• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Archives for December 2014

64-bit Version of HAVEX Spotted

  • Posted on:December 29, 2014 at 8:07 am
  • Posted in:Malware, Targeted Attacks
  • Author:
    Jay Yaneza (Threats Analyst)
3

The remote access tool (RAT) HAVEX became the focus of the security industry after it was discovered to have played a major role in a campaign targeting industrial control systems (ICS). While observing HAVEX detections (known by different vendors as Dragonfly, Energetic Bear, and Crouching Yeti), we noticed something interesting. The Dragonfly campaign was previously…

Read More
Tags: 64-bitAPTdragon flyHAVEXTargeted Attacktargeted attacks

Repackaging HTML5 Apps into Android Malware

  • Posted on:December 29, 2014 at 7:54 am
  • Posted in:Malware, Mobile
  • Author:
    Seven Shen (Mobile Threats Analyst)
0

With the finalization of HTML5 standard by World Wide Web Consortium (W3C) last October, there will be a rapid growth of new HTML5 web apps coming out in the near future. Considering the platform independent characteristic in web apps, we foresee that HTML5 will accelerate the repackaging from web apps to mobile apps for malicious…

Read More
Tags: androidhtml 5Malwaremobile appsmobile threats

Facebook Users Targeted By Android Same Origin Policy Exploit

  • Posted on:December 26, 2014 at 8:45 am
  • Posted in:Bad Sites, Mobile, Vulnerabilities
  • Author:
    Simon Huang (Mobile Security Engineer)
2

A few months back, we discussed the Android Same Origin Policy (SOP) vulnerability, which we later found to have a wider reach than first thought. Now, under the collaboration of Trend Micro and Facebook, attacks are found which actively attempt to exploit this particular vulnerability, whose code we believe was based in publicly available Metasploit code. This attack targets Facebook…

Read More
Tags: androidBlackBerryFacebookMobilesame origin policySOPVulnerabilitiesvulnerability

MBR Wiper Attacks Strike Korean Power Plant

  • Posted on:December 23, 2014 at 3:18 pm
  • Posted in:Malware, Targeted Attacks
  • Author:
    Trend Micro
0

In recent weeks, a major Korean electric utility has been affected by destructive malware, which was designed to wipe the master boot records (MBRs) of affected systems. It is believed that this MBR wiper arrived at the target systems in part via a vulnerability in the Hangul Word Processor (HWP), a commonly used application in South…

Read More
Tags: HWPMBRMBR WiperSouth KoreaThe Interview

Patches Not Cure-all for Shellshock

  • Posted on:December 23, 2014 at 12:05 am
  • Posted in:Vulnerabilities
  • Author:
    Trend Micro
0

Earlier this year, Linux system administrators all over the world had to deal with the Shellshock vulnerability, which could lead to malicious code being run on Linux systems. Servers running various web services were at particular risk. By now, most major distributions have been able to release patches that upgraded the vulnerable bash shell to versions not affected…

Read More
Tags: bashbash bugIDSLinuxpatchingshellshockwhitelisting
Page 1 of 512 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.