• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Archives for July 2018

Blackgear Cyberespionage Campaign Resurfaces, Abuses Social Media for C&C Communication
  • Posted on:July 17, 2018 at 5:01 am
  • Posted in:Targeted Attacks
  • Author:
    Joey Chen (Threats Analyst)
0

Blackgear (also known as Topgear and Comnie) is a cyberespionage campaign dating back to 2008, at least based on the Protux backdoor used by its operators. It targets organizations in Japan, South Korea, and Taiwan, leveling its attacks on public sector agencies and telecommunications and other high-technology industries. In 2016, for instance, we found their campaigns attacking Japanese organizations with various malware tools, notably the Elirks backdoor. Blackgear’s operators are well-organized, developing their own tools, which we observed to have been recently fine-tuned, based on their latest attacks.

Read More
Tags: BLACKGEARComnieManaged Detection and ResponseMaradeProtuxTopgear

New Andariel Reconnaissance Tactics Hint At Next Targets
  • Posted on:July 16, 2018 at 8:10 am
  • Posted in:Bad Sites, Targeted Attacks
  • Author:
    Joseph C Chen (Fraud Researcher)
0

Reconnaissance plays a vital role in criminal operations, and some groups go to great lengths to investigate their targets’ systems. A recent example is the Andariel Group, a known branch of the notorious Lazarus Group. Last month, we tracked new scouting techniques coming from Andariel, used mainly against South Korean targets.

Read More
Tags: Targeted Attack

VPNFilter-affected Devices Still Riddled with 19 Vulnerabilities
  • Posted on:July 13, 2018 at 5:02 am
  • Posted in:Internet of Things, Vulnerabilities
  • Author:
    Trend Micro
0

This blog tackles the recently ill-famed VPNFilter malware and if deployed devices are vulnerable to it. VPNFilter is a newly discovered, multi-stage malware (detected by Trend Micro as ELF_VPNFILT.A, ELF_VPNFILT.B, ELF_VPNFILT.C, and ELF_VPNFILT.D) that affects many models of connected devices. Based on our data from June 1 to July 12, plenty of the devices are still using old firmware versions. In fact, 19 known vulnerabilities, not only taken advantage of by VPNFilter but other malware as well, can still be detected in devices up to this day.

Read More
Tags: IOTMalwaresecurityVPNFiltervulnerability

July Patch Tuesday: Large Adobe Security Update and Patches for 18 Critical Microsoft Vulnerabilities
  • Posted on:July 10, 2018 at 11:47 pm
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Trend Micro
0

Patch Tuesday for July addresses 53 Microsoft and 107 Adobe vulnerabilities.

Read More
Tags: 2018JunePatch Tuesday

Malicious Macro Hijacks Desktop Shortcuts to Deliver Backdoor
  • Posted on:July 3, 2018 at 5:01 am
  • Posted in:Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

by Loseway Lu Despite being around for decades, cybercriminals are still using malicious macro to deliver malware, albeit in more creative ways to make them more effective. The threat actors behind a recent case used macro in a more roundabout way, with a macro that searches for specific shortcut files in the user’s system, which…

Read More
Tags: macromacro-based attack
Page 1 of 212

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Using Insights From DefPloreX-NG to Thwart Web Defacement Attacks
  • VPNFilter-affected Devices Still Riddled with 19 Vulnerabilities
  • North American Malware Trends: Taking a Proactive Approach to Modern Threats
  • Cryptocurrency-Mining Bot Targets Devices With Running SSH Service via Potential Scam Site
  • The New Face of Necurs: Noteworthy Changes to Necurs’ Behaviors

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.