
A Machine Learning Model to Detect Malware Variants

  • Posted on: March 13, 2019 at 6:01 am
  • Posted in: Machine Learning, Malware
  • Author: Trend Micro

When malware is difficult to discover — and has limited samples for analysis — we propose a machine learning model that uses an adversarial autoencoder and semantic hashing to find what bad actors try to hide. We, along with researchers from the Federation University Australia, discussed this model in our study titled “Generative Malware Outbreak Detection.”

Tags: Adversarial Autoencoder, Generative Adversarial Network, machine learning, Malware, Semantic Hashing

Using Machine Learning to Cluster Malicious Network Flows From Gh0st RAT Variants

  • Posted on: November 13, 2018 at 2:00 am
  • Posted in: Machine Learning, Malware
  • Author: Trend Micro

Cybercriminals have become more and more creative and efficient in their efforts to successfully bypass network security. Reports of unauthorized network intrusions that have compromised enterprise security, resources, and data plague experts on a day-to-day basis, and will continue to do so if not prevented by a more efficient detection system or method. Currently, attackers use polymorphism, encryption, and obfuscation, among other techniques, to automate and increase variants in an attempt to evade traditional intrusion detection methods such as rule-based techniques.

To address this growing number of network threats and keep abreast of the changing sophistication of network intrusion methods, Trend Micro looked into network flow clustering — a method that leverages the power of machine learning in strengthening current intrusion detection techniques.

Tags: Gh0st RAT, machine learning, network intrusion attacks

SettingContent-ms can be Abused to Drop Complex DeepLink and Icon-based Payload

  • Posted on: October 19, 2018 at 6:15 am
  • Posted in: Exploits, Vulnerabilities
  • Author: Trend Micro

Microsoft’s SettingContent-ms has become a recent topic of interest. In July, we saw one spam campaign use malicious SettingContent-ms files embedded in a PDF to drop the remote access Trojan FlawedAmmyy, a RAT also used by the Necurs botnet. That campaign was mostly targeting banks in different countries across Asia and Europe.

Tags: machine learning, malicious file, Microsoft

A Closer Look at the Locky Poser, PyLocky Ransomware

  • Posted on: September 10, 2018 at 5:02 am
  • Posted in: Ransomware, Spam
  • Author: Trend Micro

While ransomware has noticeably plateaued in today’s threat landscape, it’s still a cybercriminal staple. In fact, it saw a slight increase in activity in the first half of 2018, keeping pace by being fine-tuned to evade security solutions, or in the case of PyLocky (detected by Trend Micro as RANSOM_PYLOCKY.A), imitate established ransomware families and ride on their notoriety.

In late July and throughout August, we observed waves of spam email delivering the PyLocky ransomware. Although it tries to pass itself off as Locky in its ransom note, PyLocky is unrelated to Locky. PyLocky is written in Python, a popular scripting language, and packaged with PyInstaller, a tool used to package Python-based programs as standalone executables.

Tags: machine learning, PyLocky, ransomware, Spam

Using Insights From DefPloreX-NG to Thwart Web Defacement Attacks

  • Posted on: June 7, 2018 at 3:30 am
  • Posted in: Bad Sites, Machine Learning
  • Author: Trend Micro Forward-Looking Threat Research Team

The ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS) is an avenue for cybersecurity research breakthroughs, techniques, and tools. At the ACM ASIACCS 2018 in Incheon, South Korea, we presented our research using DefPloreX-NG, a tool for identifying and tracking web defacement campaigns using historical and live data. “DefPloreX-NG” is a play on the phrase “defacement explorer.” The appended “NG” acronym means “Next Generation,” signifying improvements from the previous version of the tool. DefPloreX-NG is equipped with an enhanced machine learning algorithm and new visualization templates to give security analysts and other professionals a better understanding of web defacement campaigns.

Tags: CERTs, DefPloreX-NG, machine learning, web defacement