BEC Will Reach Two Levels Deeper

  In our predictions report for 2019, “Mapping the Future: Dealing with Pervasive and Persistent Threats,” we foresaw an increase in the rate of BEC (business email compromise) attacks: “Business email compromise will go two levels down in the org chart.” From the report:     “Business email compromise (BEC) remains a very potent and … [Read more…]

This Week in Security News: Risky Radio Remotes and Cybercrime

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro’s new research on radio frequency technology and the risks of radio remote controllers. Also, understand why there is a rise in physical crime … [Read more…]

Google Play Apps Drop Anubis Banking Malware, Use Motion-based Evasion Tactics

by Kevin Sun We recently found two malicious apps on Google Play that drop wide-reaching banking #malware. The two apps were disguised as useful tools, simply named Currency Converter and BatterySaverMobi. Google has confirmed that both these apps are no longer on the Play Store. The battery app logged more than 5,000 downloads before it … [Read more…]

New Magecart Attack Delivered Through Compromised Advertising Supply Chain

by Chaoying Liu and Joseph C. Chen On January 1, we detected a significant increase in activity from one of the web skimmer groups we’ve been tracking. During this time, we found their malicious skimming code (detected by Trend Micro as JS_OBFUS.C.) loaded on 277 e-commerce websites providing ticketing, touring, and flight booking services as … [Read more…]

follow me

Follow my blog with Bloglovin

Demonstrating Command Injection and E-Stop Abuse Against Industrial Radio Remote Controllers

by Trend Micro Research Radio frequency (RF) protocols used to control industrial machines support simple operations such as turning on a motor, lifting a load, or maneuvering a heavy-duty vehicle. These commands are sent over the air, and one of the obvious problems that have cropped up is the possibility of an attacker, armed with … [Read more…]

This Week in Security News: Adware and Ransomware

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about an adware that disguised itself as different apps and monitors mobile devices. Also, learn more about the different ransomware attacks Trend Micro has been tracking. … [Read more…]

January Patch Tuesday: First Bulletin of 2019 has Fixes for DHCP and Microsoft Exchange Vulnerabilities

In the last few months of 2018, Microsoft’s regular security releases included patches for vulnerabilities that were actively being exploited. Thankfully, 2019 started off relatively smoothly with 49 security patches and two advisories — seven of these vulnerabilities were rated Critical and 40 were Important. Ten of these were disclosed through the Zero Day Initiative … [Read more…]