Month: April 2019
Potential Targeted Attack Uses AutoHotkey and Malicious Script Embedded in Excel File to Avoid Detection
By: Hiroyuki Kakara and Kazuki Fujisawa, Cyber Threat Research Team
We discovered a potential targeted attack that makes use of the legitimate script engine AutoHotkey, in combination with malicious script files. This file is distributed as an email attachment and disguised as a legitimate document with the filename “Military Financing.xlsm.” The user would need to enable…
Continuing Education On Cyber Threats And Defenses
Anyone who has been in cybersecurity for any length of time knows the threat landscape is constantly changing and requires regular monitoring of news, blogs, podcasts, and other ways to ensure you know what is happening today. I have tried to bring this information to the public since starting my monthly threat webinar series in…
Google Play and Microsoft Stores Delete Suspected Compromised Apps
Recently, Google Play Store and Microsoft Store both deleted multiple applications from their online stores, because the apps were malicious. Google deleted a total of 29 beauty camera apps from its Play Store, most of which show users pornographic content or send them to phishing websites. The malicious beauty camera apps, discovered by Trend Micro, looked legitimate, but…
Account With Admin Privileges Abused to Install BitPaymer Ransomware via PsExec
By Gilbert Sison and Ryan Maglaque
Ransomware may have experienced a decline in 2018, but it seems to be getting back on track — only this time, attacks are looking to be more targeted. Coming on the heels of news about a ransomware attack against a U.S. beverage company which addressed the company by name…
This Week in Security News: 5G Security and Tax Scams
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about cybersecurity and data concerns in 5G. Also, learn about cybercriminal threats during tax season. Read on: Securing Enterprises for 5G Connectivity For the advantages of…
Miner Malware Spreads Beyond China, Uses Multiple Propagation Methods Including EternalBlue, PowerShell Abuse
By Augusto Remillano II and Arvin Macaraeg
We detected malware that uses multiple propagation and infection methods to drop a Monero cryptocurrency miner onto as many systems and servers as possible. Initially observed in China in early 2019, the methods it previously used to infect networks involved accessing weak passwords and using pass-the-hash technique,…
April’s Patch Tuesday Fixes Two Vulnerabilities Being Exploited in the Wild
Microsoft’s April security update includes fixes for 74 CVEs, including two vulnerabilities that are actively exploited in the wild. Of the vulnerabilities patched in this update, 13 are rated Critical and 61 are rated Important. The patches this month cover a significant number of Microsoft products and services, namely: Internet Explorer, Edge, Windows, ChakraCore, Microsoft…
How Likely Is Your Organization to Be Breached?
Trend Micro and the Ponemon Institute teamed up to produce a new Cyber Risk Index (CRI), which will be updated every six months. Today I want to dive a bit deeper into the results found in the inaugural survey that went out to more than 1,000 IT professionals and executives within organizations based in the…
Dallas Start-Ups: Pitch Us Your Ideas for a Smarter Connected World
At Trend Micro we’ve spent the past three decades successfully solving problems for our customers. It’s helped us to become a leading provider of services to secure the connected world. But we’re not done there. We also want to find and learn from the technology innovators and problem-solvers of tomorrow. That’s why our venture arm,…
Patch With March macOS Updates: Vulnerabilities May Expose Restricted Information, Enable Arbitrary Code Execution
By Juwei Lin
Apple posted security updates for macOS vulnerabilities, two of which were disclosed by Trend Micro. CVE-2019-8519 is a bug in the graphic drivers installed in macOS Mojave 10.14.3 involving out-of-bound memory reading (OOB). The vulnerability can allow access to restricted information as it leads to a buffer overflow or segmentation fault. CVE-2019-8529…