• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Spam

New FAREIT Strain Abuses PowerShell
  • Posted on:April 25, 2016 at 1:24 am
  • Posted in:Malware, Spam
  • Author:
    Trend Micro
0

In 2014, we began seeing attacks that abused the Windows PowerShell. Back then, it was uncommon for malware to use this particular feature of Windows. However, there are several reasons for an attacker to use this scripting technique.

For one, users cannot easily spot any malicious behavior since PowerShell runs in the background.  Another is that PowerShell can be used to steal usernames, passwords, and other system information without an executable file being present. This makes it an attractive tool for attackers for carrying out malicious activities while avoiding easy detection.

Read More
Tags: FAREITmacro malwarePowershellWindows Powershell

Tax Day Extortion: PowerWare Crypto-ransomware Targets Tax Files
  • Posted on:March 31, 2016 at 5:00 am
  • Posted in:Malware, Ransomware, Spam
  • Author:
    Trend Micro
0

As we are certain about some aspects of life, the same can be said about cybercrime. Tax Day draws closer in the U.S., and as millions of Americans are in the process of filing their taxes, cybercriminals are also stepping in to make this task profitable for them and difficult for their victims. We have seen recent incidents of organizations falling for business email compromise (BEC) schemes related to tax filing; now, it looks like online extortionists have joined the fray as well.

Read More
Tags: crypto-ransomwaremacro malwarespam mail

Macro Malware Strides in New Direction, Uses Forms to Store its Code
  • Posted on:March 3, 2016 at 1:10 pm
  • Posted in:Malware, Spam
  • Author:
    Trend Micro
3

The resurgence and continued prevalence of macro malware could be linked to several factors, one of which is their ability to bypass traditional antimalware solutions and  sandboxing technologies. Another factor is the continuous enhancements in their routines: just recently, we observe that the macro malware related to DRIDEX and the latest crypto-ransomware variant, Locky Ransomware used Form object in macros to obfuscate the malicious code. With this improvement, it could further aid cybercriminals or attackers to hide any malicious activity they perform in their target network or system.

Read More
Tags: Locky Ransomwaremacro malwareransomware

EU ISP Talks: Let’s Make the Most of It!
  • Posted on:February 16, 2016 at 8:09 am
  • Posted in:Bad Sites, Botnets, Malware, Spam
  • Author:Raimund Genes (Chief Technology Officer)
1

The Internet has no borders, countries do. And that’s what makes it so difficult for law enforcement to chase cybercriminals. Trend Micro works with these bodies for years and we see how painful and long these processes are, once the cybercriminal is somewhere else. We not only work close with local police but also with Europol and INTERPOL, which helps when it comes to international crime. They do a great job, but the bad guys clearly have an advantage as their flexibility and speed makes it easy for them to jump around in cyberspace and build up systems everywhere. And pretty often, they go to countries where cybercrime is not a crime or chasing them is low priority.

Read More

DRIDEX Spam Runs Resurface Against US Targets
  • Posted on:November 25, 2015 at 4:36 am
  • Posted in:Malware, Spam
  • Author:
    Ryan Flores (Threat Research Manager)
2

DRIDEX is steadily regaining its footing in the US just over a month after its takedown orchestrated by US and UK law enforcement agencies. Taking down servers is a significant step in crippling botnets, but unless all infrastructure are destroyed and all threat actors are caught, threats like DRIDEX are bound to resurface. As such, it…

Read More
Tags: DRIDEXfinancial spamonline banking malwareSpam
Page 3 of 97 « ‹ 234 › »

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Business Email Compromise

  • How can a sophisticated email scam cause more than $2.3 billion in damages to businesses around the world?
    See the numbers behind BEC

Latest Ransomware Posts

  • AdGholas Malvertising Campaign Employs Astrum Exploit Kit
  • Erebus Resurfaces as Linux Ransomware
  • Analyzing the Fileless, Code-injecting SOREBRECT Ransomware
  • Victims Lost US$1B to Ransomware
  • After WannaCry, UIWIX Ransomware and Monero-Mining Malware Follow Suit

Ransomware 101

  • This infographic shows how ransomware has evolved, how big the problem has become, and ways to avoid being a ransomware victim.
    Check the infographic

Popular Posts

  • Mouse Over, Macro: Spam Run in Europe Uses Hover Action to Deliver Banking Trojan
  • Erebus Resurfaces as Linux Ransomware
  • Analyzing the Fileless, Code-injecting SOREBRECT Ransomware
  • Analyzing Xavier: An Information-Stealing Ad Library on Android
  • MS17-010: EternalBlue’s Large Non-Paged Pool Overflow in SRV Driver

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.