• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Author / Trend Micro Forward-Looking Threat Research Team

FTR

Attack Vectors in Orbit: The Need for IoT and Satellite Security in the Age of 5G
  • Posted on:June 11, 2018
  • Posted in:Internet of Things
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

Already a vital part of the critical infrastructure of the internet, satellites are set to take on a more significant role with the emergence of 5G cellular network technology and the continuing expansion of the internet of things (IoT). While terrestrial networks handle peak load well, disaster handling and critical infrastructure scenarios are served well by satellites, which are unaffected by most ground-based events. Ensuring the security of satellites, therefore, acquires even greater importance and warrants more initiatives to that end.

Read More
Tags: 5giiotindustrial internet of thingsinternet of thingssatellites

Using Insights From DefPloreX-NG to Thwart Web Defacement Attacks
  • Posted on:June 7, 2018
  • Posted in:Bad Sites, Machine Learning
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

The ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS) is an avenue for cybersecurity research breakthroughs, techniques, and tools. At the ACM ASIACCS 2018 in Incheon, South Korea, we presented our research using DefPloreX-NG, a tool for identifying and tracking web defacement campaigns using historical and live data. “DefPloreX-NG” is a play on the phrase “defacement explorer.” The appended “NG” acronym means “Next Generation,” signifying improvements from the previous version of the tool. DefPloreX-NG is equipped with an enhanced machine learning algorithm and new visualization templates to give security analysts and other professionals a better understanding of web defacement campaigns.

Read More
Tags: CERTsDefPloreX-NGmachine learningweb defacement

Emerging 5G Technology Could Compromise SIM Card-Dependent IoT Devices on Massive Scale
  • Posted on:May 31, 2018
  • Posted in:Internet of Things, Mobile
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

Already, current cellular network technologies such as 3G and 4G allow fast wireless communication. But the next evolution, 5G, is set to afford even faster connections along with greater reliability. Touted as the next generation of mobile internet connectivity, 5G will offer speeds of the order of several gigabits per second (Gbps), with average download rates expected to be about 1 Gbps. While its improvements over previous generations will doubtless be most apparent in smartphones and other widely used internet-enabled mobile devices, 5G is also likely to benefit the internet of things (IoT) since it can very well provide the infrastructure the IoT needs to carry and transfer massive amounts of data.

Read More
Tags: 5giot sim cardssim cards

Operators of Counter Antivirus Service Scan4You Convicted
  • Posted on:May 16, 2018
  • Posted in:Malware
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

In May 2017, one of the biggest facilitators of cybercrime, Scan4You, went offline after the two main suspects, Ruslans Bondars and Jurijs Martisevs, were arrested in Latvia and extradited to the U.S. by the Federal Bureau of Investigation (FBI). In May 2018, the case against the Scan4You’s operators concluded in a Virginia federal courtroom.

The Trend Micro Forward-Looking Threat Research (FTR) team started to look into Scan4You’s operations in 2012, and have been in close contact with FBI investigators assigned to the case since 2014. Our research on Scan4You spanned more than five years, passing some of our findings to the FBI until the service went offline.

Read More
Tags: Counter Antivirus (CAV)FBIlaw enforcementScan4You

Understanding Code Signing Abuse in Malware Campaigns
  • Posted on:April 5, 2018
  • Posted in:Machine Learning, Malware
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

Using a machine learning system, we analyzed 3 million software downloads, involving hundreds of thousands of internet-connected machines, and provide insights in this three-part blog series. In the first part of this series, we took a closer look at unpopular software downloads and the risks they pose to organizations. We also briefly mentioned the problem regarding code signing abuse, which we will elaborate on in this post.

Code signing is the practice of cryptographically signing software with the intent of giving the operating system (like Windows) an efficient and precise way to discriminate between a legitimate application (like an installer for Microsoft Office) and malicious software. All modern operating systems and browsers automatically verify signatures by means of the concept of a certificate chain.

Valid certificates are issued or signed by trusted certification authorities (CAs), which are backed up by parent CAs. This mechanism relies entirely and strictly on the concept of trust. We assume that malware operators are, by definition, untrustworthy entities. Supposedly, these untrustworthy entities have no access to valid certificates. However, our analysis shows that is not the case.

Read More
Tags: code signingcybercriminal undergroundMalware
Page 1 of 712 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Malicious Edge and Chrome Extension Used to Deliver Backdoor
  • Confucius Update: New Tools and Techniques, Further Connections with Patchwork
  • GPON Vulnerabilities Exploited for Mexico-based Mirai-like Scanning Activities
  • Legitimate Application AnyDesk Bundled with New Ransomware Variant
  • Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.