• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Author / Trend Micro

Analyzing C/C++ Runtime Library Code Tampering in Software Supply Chain Attacks
  • Posted on:April 22, 2019
  • Posted in:Malware
  • Posted by:
    Trend Micro
0

For the past few years, the security industry’s very backbone — its key software and server components — has been the subject of numerous attacks through cybercriminals’ various works of compromise and modifications. Such attacks involve the original software’s being compromised via malicious tampering of its source code, its update server, or in some cases, both. In either case, the intention is to always get into the network or a host of a targeted entity in a highly inconspicuous fashion — which is known as a supply chain attack. Depending on the attacker’s technical capabilities and stealth motivation, the methods used in the malicious modification of the compromised software vary in sophistication and astuteness.

Read More
Tags: supply chain attack

Zero-day XML External Entity (XXE) Injection Vulnerability in Internet Explorer Can Let Attackers Steal Files, System Info
  • Posted on:April 19, 2019
  • Posted in:Vulnerabilities
  • Posted by:
    Trend Micro
0

A zero-day extensible markup language (XML) external entity (XXE) injection vulnerability in Microsoft Internet Explorer (IE) was recently disclosed by security researcher John Page. An attacker can reportedly exploit this vulnerability to steal confidential information or exfiltrate local files from the victim’s machine. Page tested the vulnerability in the latest version of IE (11) with current patches on Windows 7 and 10, and Windows Server 2012 R2 operating systems. We looked at its attack chain to better understand how the security flaw works and how it can be mitigated.

Read More
Tags: IEInternet ExplorerXXEXXE Injection

Potential Targeted Attack Uses AutoHotkey and Malicious Script Embedded in Excel File to Avoid Detection
  • Posted on:April 17, 2019
  • Posted in:Targeted Attacks
  • Posted by:
    Trend Micro
0

We discovered a potential targeted attack that makes use of legitimate script engine AutoHotkey, in combination with malicious script files. This file is distributed as an email attachment and disguised as a legitimate document with the filename “Military Financing.xlsm.” The user would need to enable macro for it to open fully, which would use AutoHotkey in loading the malicious script file to avoid detection.

Read More
Tags: AutoHotKeymacro

Account With Admin Privileges Abused to Install BitPaymer Ransomware via PsExec
  • Posted on:April 15, 2019
  • Posted in:Ransomware
  • Posted by:
    Trend Micro
0

Ransomware may have experienced a decline in 2018, but it seems to be getting back on track — only this time, attacks are looking to be more targeted. Coming on the heels of news about a ransomware attack against a U.S. beverage company which addressed the company by name in the ransom note, this blog post looks into a BitPaymer ransomware variant (detected by Trend Micro as Ransom.Win32.BITPAYMER.TGACAJ) that hit a U.S. manufacturing company.

Read More
Tags: BitPaymerPsExecransomware

Miner Malware Spreads Beyond China, Uses Multiple Propagation Methods Including EternalBlue, Powershell Abuse
  • Posted on:April 12, 2019
  • Posted in:Botnets, Malware, Open source, Vulnerabilities
  • Posted by:
    Trend Micro
0

We analyzed a malicious Monero miner using multiple methods for propagation and infection to systems and vulnerable databases. While initially found infecting systems in China beginning of the year, the malware is expanding to other countries with more infiltration techniques like EternalBlue and PowerShell abuse.

Read More
Tags: cryptocurrencyEternalBlueMoneroPowershell
Page 1 of 9212 › »

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Phishing Attack Uses Browser Extension Tool SingleFile to Obfuscate Malicious Log-in Pages
  • Account With Admin Privileges Abused to Install BitPaymer Ransomware via PsExec
  • The Reigning King of IP Camera Botnets and its Challengers
  • Microsoft Edge and Internet Explorer Zero-Days Allow Access to Confidential Session Data
  • Bashlite IoT Malware Updated with Mining and Backdoor Commands, Targets WeMo Devices

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.