XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

By Mac Threat Response and Mobile Research Team We have discovered an unusual infection related to Xcode developer projects. Upon further investigation, we discovered that a developer’s Xcode project at large contained the source malware, which leads to a rabbit hole of malicious payloads. Most notable in our investigation is the discovery of two zero-day …

Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts

By Marshall Chen, Loseway Lu, Yorkbing Yap, and Fyodor Yarochkin (Trend Micro Research) A series of ongoing business email compromise (BEC) campaigns that uses spear-phishing schemes on Office 365 accounts has been seen targeting business executives of over 1,000 companies across the world since March 2020. The recent campaigns target senior positions in the United …

What’s So Strategic About the Trend Micro and Snyk Partnership?

What does a partnership between Trend Micro and Snyk mean for you, the customer? Can you really develop and deploy applications anywhere without security slowing you down? Greg Young, VP of Cybersecurity for Trend Micro, explains how the partnership benefits Trend Micro and gives our customers an extra edge in their security platform. The post …

Short October Patch Tuesday Includes Remote Desktop Client, Browser, and Authentication Patches

October’s Patch Tuesday is relatively modest, with Microsoft releasing a total of 59 patches. However, this shorter list still warrants attention. Nine of the 59 were still identified as Critical, while the remaining 50 were labeled Important. Most of the critical bulletins were for various Internet Explorer and Microsoft Edge vulnerabilities, with one covering a …

Decrypting What Zero Trust Is, And What It Likely Isn’t

It’s always an indicator of confusion when instead of hearing “I want Q” I’m asked “what is Q?”. In this case the ‘Q’ is Zero Trust. I’ll try and give my best take on what I understand Zero Trust to be. History Repeats Let’s start with the background. Quite a while back the Jericho Forum …

In Identity Theft the Target is You!

The hard truth is that identity data is the new gold—and criminal panhandlers are mining it for sale and distribution on the Dark Web. Indeed, the internet provides ways for big data breaches to result in disastrous leaks of huge databases of personal information, resulting in detailed profiles of individuals—based on their internet behaviors, including …

New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We found a new modular fileless botnet malware, which we named “Novter,” (also reported and known as “Nodersok” and “Divergent”) that the KovCoreG campaign has been distributing since March. We’ve been actively monitoring this threat since its emergence and early development, and saw it being frequently …

This Week in Security News: Fake Apps on iOS and Google Play and Social Media Security Issues

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the evolution of EDR to XDR (and why your CISO should care), stock trading app attacks and fake gambling apps. Also, read about how Instagram …

Gambling Apps Sneak into Top 100: How Hundreds of Fake Apps Spread on iOS App Store and Google Play

By Todd Han and Junzhi Lu (Mobile Threats Analysts) Google Play and the iOS App Store are no strangers to fake apps trying to trick users into downloading ad- or malware-ridden versions. We have previously reported on fake Android voice apps on Google Play, which were observed to be impostor apps for voice messenger platforms. Recently, …

Why Should CISOs Care About XDR?

We have been collectively saying in our industry for the last 15-20 years that a layered approach to your security stack is a “best practice,” but as with all best practices, these are ideals rather than reality for so many charged with protecting their organizations. The vast majority of CISOs are saddled with legacy operating …