Recently, we discovered LokiBot (detected by Trend Micro as Trojan.Win32.LOKI) impersonating a popular game launcher to trick users into executing it on their machines. Further analysis revealed that a sample of this variant employs a quirky, installation routine that involves dropping a compiled C# code file.
Read More
A code-level root cause analysis of CVE-2020-0601 in the context of how applications are likely to use CryptoAPI to handle certificates — more specifically in the context of applications communicating via Transport Layer Security (TLS).
Read More The first Patch Tuesday of 2020 in January brought an unusually long list of patches, but February brings an even wider range of fixes that address a total of 99 vulnerabilities — including 12 classified as Critical, with the remaining 99 deemed Important. Only five of the vulnerabilities were made public before the patches were released; one of these was rated as Critical.
Read More
We observed an increase in hacking group Outlaw’s activities in December, with updates on the kits’ capabilities reminiscent of their previous attacks.
Read More
We recently discovered several malicious optimizer, booster, and utility apps (detected by Trend Micro as AndroidOS_BadBooster.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes, perform mobile ad fraud, and download as many as 3,000 malware variants or malicious payloads on affected devices.
Read More