• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Apple

The XcodeGhost Plague – How Did It Happen?

  • Posted on:September 21, 2015 at 8:44 pm
  • Posted in:Mobile
  • Author:
    Ju Zhu (Mobile Threats Analyst)
1

The iOS app store has traditionally been viewed as a safe source of apps, thanks to Apple’s policing of its walled garden. However, that is no longer completely the case, thanks to the discovery of multiple legitimate apps in the iOS app store that contained malicious code, which was dubbed XcodeGhost. So, how did  XcodeGhost…

Read More
Tags: AppleChinaiphonexcodeGhost

Sinking into the iOS Quicksand Vulnerability

  • Posted on:September 6, 2015 at 7:38 pm
  • Posted in:Mobile, Vulnerabilities
  • Author:
    Trend Micro
0

Our investigation on the iOS Quicksand vulnerability (designated with CVE-2015-5749) leads us to the conclusion that this security gap, despite its serious risks to confidential data, is difficult to exploit due to its required specific conditions. For instance, the MDM product must support and use the “push configuration” feature; this feature normally allows a device administrator…

Read More
Tags: AppleiOSquicksand

POC Shows Mac OS X UEFI Attacks Are Possible; What Does This Mean for Mac Users?

  • Posted on:June 8, 2015 at 9:06 pm
  • Posted in:Mac, Malware
  • Author:
    Moony Li (Threat Analyst)
0

A critical Mac vulnerability was discovered by OS X security researcher Pedro Vilaca last week. According to his research, any attacker can disable the BIOS lock just by taking advantage of a flaw in Apple’s S3 sleep state (more known as ‘standby mode’) suspend-resume implementation. Once an attacker does this, he can install bootkit malware onto a Mac BIOS without…

Read More
Tags: AppleBIOSbootkitMacOS XUEFI

FREAK Vulnerability Forces Weaker Encryption

  • Posted on:March 4, 2015 at 1:54 pm
  • Posted in:Vulnerabilities
  • Author:
    Trend Micro
1

Security researchers and news outlets are reporting about a newly discovered vulnerability believed to exist since the 90s. This vulnerability, dubbed as FREAK (Factoring RSA Export Keys), forces a secure connection to use weaker encryption—making it easy for cybercriminals to decrypt sensitive information. Vulnerable since the 1990s The flaw came about in the 1990s. Back…

Read More
Tags: androidAppleCVE-2015-0204FREAKOpenSSL

Pawn Storm Update: iOS Espionage App Found

  • Posted on:February 4, 2015 at 12:00 am
  • Posted in:Malware, Targeted Attacks
  • Author:
    Lambert Sun, Brooks Hong (Mobile Threat Analysts), Feike Hacquebord (Senior Threat Researcher)
13

In our continued research on Operation Pawn Storm, we found one interesting poisoned pawn—spyware specifically designed for espionage on iOS devices. While spyware targeting Apple users is highly notable by itself, this particular spyware is also involved in a targeted attack. Trend Micro™ Mobile Security detects and removes this threat. Download the app from the App…

Read More
Tags: AppleiOSMalwareOperation Pawn StormPawn Stormtargeted attacks
Page 2 of 7 ‹ 123 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.