• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Malware

Hide and Script: Inserted Malicious URLs within Office Documents’ Embedded Videos
  • Posted on:November 12, 2018 at 5:02 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

In late October, security researchers from Cymulate showed a proof of concept (PoC) exploiting a logic bug that could allow hackers to abuse the online video feature in Microsoft Office to deliver malware. We indeed identified an in-the-wild sample (detected by Trend Micro as TROJ_EXPLOIT.AOOCAI) in VirusTotal, using this method to deliver the URSNIF information stealer (TSPY_URSNIF.OIBEAO).

Since this kind of attack involves the use of a specially crafted Word document, we can assume that it can arrive on a user’s system through other malware or as an attachment or links/URLs in spam.

Read More
Tags: Microsoft Officeproof-of-conceptURSNIFvideo

Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine
  • Posted on:November 8, 2018 at 5:00 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

The concept of a stealthy, difficult-to-detect malware operating behind the scenes has proven to be an irresistible proposition for many threat actors, and they’re evidently adding even more techniques, as seen in a cryptocurrency miner (detected as Coinminer.Win32.MALXMR.TIAOODAM) we discovered that uses multiple obfuscation and packing as part of its routine.

Read More
Tags: cryptocurrencycryptocurrency minerWindows InstallerWiX

Trickbot Shows Off New Trick: Password Grabber Module
  • Posted on:November 1, 2018 at 5:04 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

Trickbot (detected by Trend Micro as TSPY_TRICKBOT.THOIBEAI) now has a password grabber module that steals access from several applications and browsers.

Read More
Tags: banking malwareTrickbot

Perl-Based Shellbot Looks to Target Organizations via C&C
  • Posted on:November 1, 2018 at 12:04 am
  • Posted in:Botnets, Internet of Things, Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

We uncovered an operation of a hacking group, which we’re naming “Outlaw” (translation derived from the Romanian word haiduc, the hacking tool the group primarily uses), involving the use of an IRC bot built with the help of Perl Shellbot. The group distributes the bot by exploiting a common command injection vulnerability on internet of things (IoT) devices and Linux servers. Further research indicates that the threat can also affect Windows-based environments and even Android devices.

Read More
Tags: androidIOTIRC botLinuxWindows

Gathering Insights on the Reemergence and Evolution of Old Threats Through Managed Detection and Response
  • Posted on:October 31, 2018 at 5:00 am
  • Posted in:Malware, Ransomware, Spam, Vulnerabilities
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

Smart Protection Network (SPN) data and observations from Managed Detection and Response (MDR) for the North American region show the persistence of older threats and tactics: delivery methods such as spam emails are still going strong, while ransomware attacks have seen a renewed vigor alongside newer threats such as cryptocurrency mining malware in the third quarter of 2018.

However, the prevalence of these older threats should not be misconstrued as a sign that threat actors are resting on their laurels. In fact, it should be taken as proof that they are constantly improving proven tools and techniques to get ahead in the never-ending cat-and-mouse game between cybercriminals and security providers.

Read More
Tags: cryptocurrency minersManaged Detection and ResponseransomwareVulnerabilities
Page 1 of 27112 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
  • Malware Targeting Brazil Uses Legitimate Windows Components WMI and CertUtil as Part of its Routine
  • Perl-Based Shellbot Looks to Target Organizations via C&C
  • SettingContent-ms can be Abused to Drop Complex DeepLink and Icon-based Payload
  • Spam Campaign Abusing SettingContent-ms Found Dropping Same FlawedAmmyy RAT Distributed by Necurs

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.