• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   sandbox

New Malicious Macro Evasion Tactics Exposed in URSNIF Spam Mail

  • Posted on:October 18, 2017 at 4:59 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

by John Anthony Bañes Malicious macros are commonly used to deliver malware payloads to victims, usually by coercing victims into enabling the macro sent via spam email. The macro then executes a PowerShell script to download ransomware or some other malware. Just this September EMOTET, an older banking malware, leveraged this method in a campaign that…

Read More
Tags: macrosandboxSpam

Deploying a Smart Sandbox for Unknown Threats and Zero-Day Attacks

  • Posted on:February 20, 2015 at 2:30 am
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Weimin Wu (Threat Analyst)
0

Zero-day exploits pose some of the most serious risks to users everywhere. The absence of a patch means that it is up to users (and whatever security products they use) to protect against these attacks. One of the tools that can be used in mitigating these attacks is advanced network detection solutions like Trend Micro Deep Discovery,…

Read More
Tags: 0dayexploit kitExploitssandboxVulnerabilitieszero day

CVE-2015-0016: Escaping the Internet Explorer Sandbox

  • Posted on:January 27, 2015 at 11:04 pm
  • Posted in:Vulnerabilities
  • Author:
    Henry Li (Threats Analyst )
3

Part of this January’s Patch Tuesday releases was MS15-004, which fixed a vulnerability that could be used in escalation of privilege attacks. I analyzed this vulnerability (designated as CVE-2015-0016) because it may be the first vulnerability in the wild that showed the capability to escape the Internet Explorer sandbox. As sandboxing represents a key part…

Read More
Tags: CVE-2015-0016Internet Explorersandbox

Escaping the Internet Explorer Sandbox: Analyzing CVE-2014-6349

  • Posted on:December 3, 2014 at 8:00 pm
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Jack Tang (Threats Analyst)
0

Applications that have been frequently targeted by exploits frequently add sandboxes to their features in order to harden their defenses against these attacks. To carry out a successful exploit, an attacker will have to breach these sandboxes to run malicious code. As a result, researchers will pay particular attention to exploits that are able to…

Read More
Tags: CVE-2014-6349Internet Explorersandboxvulnerability

Heuristic Scanning and Sandbox Protection: Best of Both Worlds

  • Posted on:July 14, 2014 at 4:02 am
  • Posted in:Exploits, Targeted Attacks
  • Author:
    Chingo Liao and Kuanyu Chen (Threats Analysts)
0

We have been dealing with targeted attacks and know that there is no single technology that can practicably defend an organization’s network against these high-impact campaigns. This is sad, true, but it does mean there are ways to harness security technologies like sandboxing and heuristic scanning so that they work together to protect as a…

Read More
Tags: 0-dayheuristicssandboxtargeted attackszero day

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Mac Backdoor Linked to Lazarus Targets Korean Users
  • Microsoft November 2019 Patch Tuesday Reveals 74 Patches Before Major Windows Update
  • New Magecart Attack Delivered Through Compromised Advertising Supply Chain
  • September Patch Tuesday Bears More Remote Desktop Vulnerability Fixes and Two Zero-Days
  • 49 Disguised Adware Apps With Optimized Evasion Features Found on Google Play

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.