• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Malware

XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

  • Posted on:August 13, 2020 at 7:18 am
  • Posted in:Mac, Malware
  • Author:
    Trend Micro
0

We have discovered an unusual infection related to Xcode developer projects. Upon further investigation, we discovered that a developer’s Xcode project at large contained the source malware, which leads to a rabbit hole of malicious payloads. Most notable in our investigation is the discovery of two zero-day exploits: one is used to bypass the System Integrity Protection(SIP) read feature on macOS, another is used to abuse the development version of Safari.

Read More
Tags: developerXcodeXCSSet

Ensiko: A Webshell With Ransomware Capabilities

  • Posted on:July 27, 2020 at 7:31 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

Ensiko is a PHP web shell with ransomware capabilities that targets various platforms such as Linux, Windows, macOS, or any other platform that has PHP installed. The malware has the capability to remotely control the system and accept commands to perform malicious activities on the infected machine.

Read More
Tags: PHPransomwarewebshell

Updates on ThiefQuest, the Quickly-Evolving macOS Malware

  • Posted on:July 17, 2020 at 5:00 am
  • Posted in:Mac, Malware
  • Author:
    Trend Micro
0

This entry is about ThiefQuest, the newly discovered malware targeting macOS. We discuss the differences between the old and new versions of the malware. Related findings include new functions as well as unusual observations in VirusTotal

Read More
Tags: macOSMalwareransomwareThiefQuest

US Local Government Services Targeted by New Magecart Credit Card Skimming Attack

  • Posted on:June 26, 2020 at 5:00 am
  • Posted in:Bad Sites, Malware
  • Author:
    Joseph C Chen (Fraud Researcher)
0

Eight cities across three states in the United States have fallen victim to a Magecart card skimming attack. In these attacks, their websites were compromised to host credit card skimmers which passed on the credit card information of residents to cybercriminals.

Read More
Tags: Click2Govlocal governmentMagecart

New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa

  • Posted on:June 11, 2020 at 5:25 am
  • Posted in:Malware, Mobile
  • Author:
    Trend Micro
0

While tracking Earth Empura, also known as POISON CARP/Evil Eye, we identified an undocumented Android spyware we have named ActionSpy (detected by Trend Micro as AndroidOS_ActionSpy.HRX). During the first quarter of 2020, we observed Earth Empusa’s activity targeting users in Tibet and Turkey before they extended their scope to include Taiwan. The campaign is reportedly targeting victims related to Uyghurs by compromising their Android and iOS mobile devices. This group is known to use watering hole attacks, but we recently observed them using phishing attacks to deliver their malware.

Read More
Tags: ActionSpyandroidEarth EmpusaEkranUyghur
Page 1 of 29212 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.