Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Zero-Day Alerts

  • Hacking Team Leak

  • Recent Posts

  • Calendar

    July 2015
    S M T W T F S
    « Jun    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
  • Email Subscription

  • About Us


    Archive for the ‘Malware’ Category



    Jul30
    2:09 pm (UTC-7)   |    by

    July has been a fairly poor month for Adobe Flash Player security, to say the least. Three separate zero-day vulnerabilities (all courtesy of the Hacking Team dump) have left many people concerned about Flash security, with many (including this blog) calling for it to go away. Some sort of reaction from Adobe to improve Flash security was inevitable. The recent version of Flash, version (18.0.0.209), includes several additional mitigation techniques. These were developed by Adobe, working together with Google's Project Zero. The ...




    When big breaches happen and hundreds of millions of credit card numbers and SSNs get stolen, they resurface in other places. The underground now offers a vast landscape of shops, where criminals can buy credit cards and other things at irresistible prices. Million dollar breaches News and media coverage on significant breaches are increasingly shaping up to becoming an everyday occurrence.   2014 became the “year of the POS breach” for the retailers like Neiman Marcus, Staples, Kmart, and Home Depot.  The first ...

    Posted in Malware |



    An attack aiming to infect PoS systems was found using the Angler Exploit Kit to push a PoS reconnaissance Trojan,This Trojan, detected as TROJ_RECOLOAD.A, checks for multiple conditions in the infected system like if it is a PoS machine or part of a PoS network. It then proceeds to download specific malware depending on the conditions met. We’ve also found that this utilizes the fileless installation capability of the Angler Exploit Kit to avoid detection. Looking into its infection chain, we ...

    Posted in Malware, Vulnerabilities |



    We analyzed the recent Hacking Team dump and found a sample of a fake news app that appears to be designed to circumvent filtering in Google Play. This is following news that iOS devices are at risk of spyware related to the Hacking Team. The fake news app was downloaded up to 50 times before it was removed from Google Play on July 7. The “BeNews” app is a backdoor app that uses the name of defunct news site “BeNews” to appear ...




    We discovered GamaPoS, a new breed of point-of-sale (PoS) threat currently spreading across the United States and Canada through the Andromeda botnet. GamaPoS is the latest in a long list of threats that scrape off credit card data from PoS systems. Compared to its predecessors, GamaPoS uses malware coded using the .NET framework—a first in PoS threats. The GamaPoS threat uses a “shotgun” or “dynamite fishing” approach to get to targets, even unintended ones. This means that it launches a spam campaign ...



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice