Categories
Anti-malware

Hiding in Plain Text: Jenkins Plugin Vulnerabilities

By David Fiser (Senior Cyber Threat Researcher) Jenkins is a widely used open-source automation server that allows DevOps developers to build, test, and deploy software efficiently and reliably. In order to make the most out of Jenkins’ modular architecture, developers make use of plugins that help extend its core features, allowing them to expand the […]

Categories
Anti-malware

‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information

By Jindrich Karasek (Threat Researcher) Despite having an apparent lull in the first half of 2019, phishing will remain a staple in a cybercriminal’s arsenal, and they’re not going to stop using it. The latest example is a phishing campaign dubbed Heatstroke, based on a variable found in their phishing kit code. Heatstroke demonstrates how […]

Categories
Anti-malware

Three Common Email Security Mistakes That MSPs Make

  MSPs can generate recurring revenue by being proactive about educating customers about email threats and how to defeat them—if they avoid three common mistakes.   Businesses have come to rely on cloud email and file-sharing applications for communication and productivity. But, too often, they assume these platforms’ built-in security delivers enough protection against email-borne […]

Categories
Anti-malware

TA505 At It Again: Variety is the Spice of ServHelper and FlawedAmmyy

By Hara Hiroaki, Jaromir Horejsi, and Loseway Lu (Threats Analysts) TA505 continues to show that as a cybercriminal group, they intend to wreak as much havoc while maximizing potential profits. Given the group’s active campaigns since our updates in June and July, we continued following their latest campaigns. Just like in previous operations, they continue […]

Categories
Anti-malware

Trend Micro Named A Leader in 2019 Gartner Magic Quadrant for Endpoint Protection Platforms

Leadership. It’s a weighty term, although frequently it is used too lightly and all too often it’s a self-declared position. We believe, leaders can come and go, and leadership can be fleeting depending on the factors for long term success. It is for all these reasons, that we are proud, not only to be in […]

Categories
Anti-malware

Asruex Backdoor Variant Infects Word Documents and PDFs Through Old MS Office and Adobe Vulnerabilities

By Ian Mercado and Mhica Romero Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old […]

Categories
Anti-malware

The Sky Has Already Fallen (you just haven’t seen the alert yet)

Of course, the much-touted “Cybersecurity Skills Shortage” isn’t news to anyone, or it shouldn’t be. For seven or more years, journalists, industry analysts and practitioners have been opining about it one way or another. Analyses and opinions vary on how we have reached this impasse, my own being that this is a largely self-inflicted crisis […]

Categories
Anti-malware

How Do Threats Align With Detection And Solutions?

There are many different threats targeting many different areas of a corporate network. Have you ever wondered how those threats are stopped? What threats impact which areas of a network? What technology detects and blocks those threats? I wanted to build an interactive graphic to answer those questions. This interactive infographic can help you understand […]

Categories
Anti-malware

This Week in Security News: Phishing Campaigns and a Biometric Data Breach

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about ever-increasing amounts of phishing campaigns and how Trend Micro caught 2.4 million attacks of this type — a 59% increase from 1.5 million in the […]

Categories
Anti-malware

Uncovering a MyKings Variant With Bootloader Persistence via Managed Detection and Response

by Miguel Ang, Erika Mendoza and Buddy Tancio In May, during the Managed Detection and Response service on-boarding process of an electronics company in the Asia-Pacific region, we noticed suspicious activity via the Trend Micro Deep Discovery Inspector that turned out to be related to EternalBlue, an exploit perhaps more popularly known for being used in […]