
Michael Marcos

Threat Response Engineer

Without a Trace: Fileless Malware Spotted in the Wild

  • Posted on:April 20, 2015
  • Posted in:Malware
  • Posted by:
    Michael Marcos (Threat Response Engineer)

With additional analysis from David Agni. Improvements in security file scanners are causing malware authors to deviate from the traditional malware installation routine. It’s no longer enough for malware to rely on dropping copies of themselves to a location specified in the malware code and using persistence tactics like setting up an autostart feature to…

Tags: fileless, fileless malware, Malware, Phasebot, POWELIKS, XswDownloader

CRYPVAULT: New Crypto-ransomware Encrypts and “Quarantines” Files

  • Posted on:April 6, 2015
  • Posted in:Malware, Ransomware
  • Posted by:
    Michael Marcos (Threat Response Engineer)

We uncovered a new crypto-ransomware variant with new routines that include making encrypted files appear as if they were quarantined files. These files are appended with a *.VAULT file extension, imitating the quarantine service of antivirus software, which keeps quarantined files for a certain period of time. Antivirus software typically quarantines files that may potentially cause further damage to an infected…

Tags: crypvault, ransomware

CTB-Locker Ransomware Spoofs Chrome and Facebook Emails as Lures, Linked to Phishing

  • Posted on:February 12, 2015
  • Posted in:Malware, Ransomware
  • Posted by:
    Michael Marcos (Threat Response Engineer)

We recently talked about recent improvements to the CTB-Locker ransomware. To recap, the malware now offers a “free decryption” service, an extended deadline to decrypt the files, and an option to change the language of the ransom message. We are seeing another wave of CTB-Locker ransomware making its way into the wild. What’s highly notable about…

Tags: crypto-ransomware, ctb-locker, CTB-Locker ransomware, Facebook, Google Chrome, paypal, phishing, ransomware, Spam

New DYRE Variant Hijacks Microsoft Outlook, Expands Targeted Banks

  • Posted on:January 30, 2015
  • Posted in:Malware
  • Posted by:
    Michael Marcos (Threat Response Engineer)

The DYRE/Dyreza banking malware is back with a new infection technique: we observed that it now hijacks Microsoft Outlook to spread the notorious UPATRE malware to an expanded list of targeted banks. In October 2014 we observed a spike in UPATRE-DYRE malware infections brought by the CUTWAIL spambot, a pattern we observed was similar…

Tags: banking malware, DYRE, Dyreza, UPATRE

New RATs Emerge from Leaked Njw0rm Source Code

  • Posted on:January 22, 2015
  • Posted in:Malware
  • Posted by:
    Michael Marcos (Threat Response Engineer)
In the middle of my research on the remote access Trojan (RAT) known as “njrat” or “Njw0rm”, I stumbled upon dev-point.com, a site that disguises itself as a site for “IT enthusiasts” but actually hosts various downloaders, different types of spyware, and RATs. I explored the site and found that they host malware under the…

Tags: Kjw0rm, Njw0rm, Sir DoOom worm, worm

Copyright © Trend Micro Incorporated. All rights reserved.