This Week in Security News: Banking Malware and Phishing Campaigns
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the banking malware Anubis that has been retooled for use in fresh attack waves. Also, read about a new phishing campaign that uses OneNote audio…
Month: July 2019
iOS URL Scheme Susceptible to Hijacking
By: Lilang Wu, Yuchen Zhou, Moony Li
Apple manages application security and privacy concerns by using a sandbox mechanism for iOS that constrains the reachable resources for each application. This was created to contain damage if an app was compromised, and all apps distributed through the App Store adopt it. However, because of this access…
Migrating Network Protection to the Cloud with Confidence
For modern organizations, speed and agility are the key to success – built on enhanced IT efficiency and performance driven by the cloud. Anything less could see your business outpaced by the competition. As always, security must be a priority when migrating to the cloud, but network teams are being let down by existing tools.…
New Miori Variant Uses Unique Protocol to Communicate with C&C
By: Makoto Shimamura, Cyber Threat Research Team
We first detailed a new Mirai variant called Miori in a report late last year after finding the malware spreading via a ThinkPHP Remote Code Execution (RCE) vulnerability. It has recently reappeared bearing a notable difference in the way it communicates with its command-and-control (C&C) server. This Miori…
Where Will Ransomware Go In The Second Half Of 2019?
Ransomware has been an evolutionary malware family that continues to shift and change over the years. From the first fakeAV, to police ransomware, to the now oft-used crypto-ransomware, this threat just will not go away. Based on the latest trends, we predict this threat will grow in the second half of this year. At Trend…
July’s Patch Tuesday Fixes Critical Flaws in Microsoft Edge and Internet Explorer, Including 2 Exploited Vulnerabilities
It’s time to get vulnerable installations patched. Microsoft’s July Patch Tuesday release includes updates for almost 80 vulnerabilities, along with two advisories. Critical patches covered in the release include fixes for Windows DHCP Server, Azure DevOps Server and Team Foundation Server, and .NET Framework, tracked as CVE-2019-0785, CVE-2019-1072, and CVE-2019-1113. Other flaws in Azure…
Trend Micro Named Best Company To Work For In Taiwan
Trend Micro prides itself on caring first about people – both in our external mission and internally with our employees. As this issue is close to the hearts of our executives, we are always very proud to be recognized by related awards. The HR Asia Awards Taiwan recently named Trend Micro as one of their…
Anubis Android Malware Returns with Over 17,000 Samples
By: Tony Bao (Mobile Threats Analyst)
The 2018 mobile threat landscape had banking trojans that diversified their tactics and techniques to evade detection and further monetize their malware — and in the case of the Anubis Android malware, retooled for other malicious activities. Anubis underwent several changes since it first emerged, from being used for…
Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi
By: Hara Hiroaki and Loseway Lu (Threats Analysts)
Since our last research on TA505, we have observed new activity from the group that involves campaigns targeting different countries over the last few weeks. We found them targeting countries in the Middle East such as the United Arab Emirates and Saudi Arabia, as well as other countries…
A Quick and Efficient Method For Locating the main() function of Linux ELF Malware Variants
Linux is a family of open source operating systems (OS) commonly used to run internet of things (IoT) devices and web servers. The prevalence of the OS, as expected, has turned it into a valuable target for cybercriminals casting wide nets to reach more potential victims. In the past few years, Linux systems have been…