• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source

Machine-to-Machine (M2M) Technology Design Issues and Implementation Vulnerabilities
  • Posted on:December 4, 2018 at 5:02 am
  • Posted in:Internet of Things, Vulnerabilities
  • Author:
    Federico Maggi (Senior Threat Researcher)
0

We delve into the protocol security issues that may crop up from a technology perspective. The scarce awareness that we’ve observed around the current state of MQTT and CoAP can enable attackers in achieving their goals, ranging from reconnaissance and lateral movement to remote control and targeted attacks.

Read More
Tags: CoAPiiotM2MMQTTprotocols

New PowerShell-based Backdoor Found in Turkey, Strikingly Similar to MuddyWater Tools
  • Posted on:November 30, 2018 at 2:42 am
  • Posted in:Malware, Targeted Attacks
  • Author:
    Jaromir Horejsi (Threat Researcher)
0

MuddyWater is a well-known threat actor group that has been active since 2017. They have regularly targeted various organizations in Middle East and Central Asia, primarily using spear phishing emails with malicious attachments. We recently observed a few interesting delivery documents with similarities to the known MuddyWater tools, techniques and procedures.

Read More
Tags: backdoorphishingPowershellsocial engineering

Water and Energy Sectors Through the Lens of the Cybercriminal Underground
  • Posted on:November 29, 2018 at 4:58 am
  • Posted in:Internet of Things
  • Author:
    Trend Micro
0

In our research Exposed and Vulnerable Critical Infrastructure: Water and Energy Industries, we not only found exposed industrial control system (ICS) human machine interfaces (HMIs) but also pointed out how these systems were at risk. This risk is corroborated by the active interest in water and energy ICSs shown by different kinds of cybercriminal groups.

Read More
Tags: critical infrastructuresICSiiotindustrial internet of thingsinternet of thingsIOT

Proofs of Concept Abusing PowerShell Core: Caveats and Best Practices
  • Posted on:November 28, 2018 at 11:54 pm
  • Posted in:Exploits, Malware
  • Author:
    Trend Micro
0

We explored possible strategies attackers can employ when abusing PowerShell Core. These proofs of concept (PoCs) would help in better understanding — and in turn, detecting and preventing — the common routines and behaviors of possible and future threats that attackers might use. The PoCs we developed using PowerShell Core were conducted on Windows, Linux, and mac OSs. Most of the techniques we applied can be seen from previous threats involving PowerShell-based functionalities, such as the fileless KOVTER and POWMET. The scenarios in our PoCs are also based on the PowerShell function they use.

Read More
Tags: PowershellPowerShell Core

Fake Voice Apps on Google Play, Botnet Likely in Development
  • Posted on:November 27, 2018 at 4:57 am
  • Posted in:Bad Sites, Botnets, Malware, Mobile
  • Author:
    Trend Micro
0

Several apps on Google Play posing as legitimate voice messenger platforms have automated functions such as fake survey pop-ups and fraudulent ad clicks. Observed variants were deployed one by one since October, with its evolution including evasive techniques and its infection behavior divided into several stages, as well as botnet codes possibly indicative of future attacks.

Read More
Tags: androidappsbotnetGoogleMalware
Page 2 of 764 ‹ 123 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Exploring Emotet: Examining Emotet’s Activities, Infrastructure
  • Perl-Based Shellbot Looks to Target Organizations via C&C
  • December Patch Tuesday: Year-End Batch Addresses Win32k Elevation of Privilege and Windows DNS Server Vulnerabilities
  • Fake Banking App Found on Google Play Used in SMiShing Scheme
  • TrickBot’s Bigger Bag of Tricks

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.