• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Search results for: cerber

New Locky Ransomware Spotted in the Brazilian Underground Market, Uses Windows Script Files
  • Posted on:August 14, 2016 at 5:30 pm
  • Posted in:Malware, Ransomware, Spam
  • Author:
    Trend Micro
0

Like a game of cat and mouse, the perpetrators behind the Locky ransomware had updated their arsenal yet again with a new tactic—using Windows Scripting File (WSF) for the arrival method. WSF is a file that allows the combination of multiple scripting languages within a single file. Using WSF makes the detection and analysis of ransomware challenging since WSF files are not among the list of typical files that traditional endpoint solutions monitor for malicious activity.

However, the use of WSF files is no longer a novel idea since the same tactic was used in Cerber’s email campaign in May 2016. It would seem that the attackers behind Locky followed Cerber in using WSF files after seeing how such a tactic was successful in bypassing security measures like sandbox and blacklisting technologies.

Read More
Tags: Brazilian underground marketcrypto-ransomwareLocky Ransomware

R980 Ransomware Found Abusing Disposable Email Address Service
  • Posted on:August 10, 2016 at 11:40 pm
  • Posted in:Ransomware
  • Author:
    Trend Micro
0

Perhaps emboldened by the success of their peers, attackers have been releasing more ransomware families and variants with alarming frequency. The latest one added to the list is R980 (detected by Trend Micro as RANSOM_CRYPBEE.A).

R980 has been found to arrive via spam emails, or through compromised websites. Like Locky, Cerber and MIRCOP, spam emails carrying this ransomware contain documents embedded with a malicious macro (detected as W2KM_CRYPBEE.A) that is programmed to download R980 through a particular URL. From the time R980 was detected, there have been active connections to that URL since July 26th of this year.

Read More
Tags: crypto-ransomwaremacro malwareransomware

CrypMIC Ransomware Wants to Follow CryptXXX’s Footsteps
  • Posted on:July 20, 2016 at 1:57 am
  • Posted in:Bad Sites, Exploits, Ransomware
  • Author:
    Trend Micro
0

They say imitation is the sincerest form of flattery. Take the case of CrypMIC—detected by Trend Micro as RANSOM_CRYPMIC—a new ransomware family that mimics CryptXXX in terms of entry point, ransom notes and payment site UIs. CrypMIC’s perpetrators are possibly looking for a quick buck owing to the recent success of CryptXXX.

Read More
Tags: CrypMICCryptXXXNeutrino

How Endpoint Solutions Can Protect Businesses Against Ransomware
  • Posted on:July 18, 2016 at 9:05 am
  • Posted in:Malware, Ransomware
  • Author:
    Trend Micro
0

This year alone, the FBI predicted that the total loss to ransomware will reach a whopping US$1 billion. The ransomware business is booming, encouraging cybercriminals to expand their target base—from consumers to businesses, regardless of type and size.

Read More
Tags: application controlbehavior monitoringCERBERcrypto-ransomwareCryptoWallgateway solutionsJIGSAWLockyRAA ransomwareTeslacrypt

Why Ransomware Works: Arrival Tactics
  • Posted on:June 27, 2016 at 7:42 am
  • Posted in:Bad Sites, Malware, Ransomware, Spam
  • Author:
    Trend Micro
0

Apart from understanding the ransomware tactics and techniques beyond encryption, it is equally important to understand how they arrive in the environment. Our recent analysis reveals that majority of ransomware families can be stopped at the exposure layer—web and email. In fact, Trend Micro has blocked more than 66 million ransomware-related spam, malicious URLs, and threats from January to May 2016.

Read More
Tags: Angler Exploit KitCERBERcrypto-ransomwareCryptXXXexploit kitsLockyNeutrino exploit kitpetyarig exploit kitTeslacryptTorrentLocker
Page 6 of 7 « ‹ 567 ›

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.