ThinkPHP Vulnerability Abused by Botnets Hakai and Yowai

By Augusto Remillano II

Cybercriminals are exploiting a ThinkPHP vulnerability — one that was disclosed and patched in December 2018 — for botnet propagation by a new Mirai variant we’ve called Yowai and Gafgyt variant Hakai. Cybercriminals use websites created using the PHP framework to breach web servers via dictionary attacks on default credentials and … [Read more…]

Impacts to Enterprise Security: A Look at as-a-service Attacks

Ever since certain solutions have begun being offered “as-a-service,” the market for this method of delivery has exploded. Now, elements like software-as-a-service, infrastructure-as-a-service and platform-as-a-service are key mainstay components of enterprise IT, with the market values to prove it. According to MarketWatch, the global SaaS market is on track to expand by a more than … [Read more…]

Protecting Critical Infrastructure and Roadways: How Smart Cities Create New Risks

Advanced technology has changed countless facets of everyday life, from internal enterprise processes to consumer pursuits and beyond. Even the design, management and support for large and small cities has shifted thanks to innovative smart city systems. While advanced components to support utilities, critical infrastructure, traffic and more can bring numerous benefits, these solutions also open … [Read more…]

Going In-depth with Emotet: Multilayer Operating Mechanisms

Over a period of just five years, Emotet has managed to evolve into one of the most notorious cyber threats in existence – one that causes incidents that cost up to $1 million to rectify, according to US-CERT. We recently reported about Emotet’s activities as well as its two infrastructure setups. This follow-up blog … [Read more…]

BEC Will Reach Two Levels Deeper

In our predictions report for 2019, “Mapping the Future: Dealing with Pervasive and Persistent Threats,” we foresaw an increase in the rate of BEC (business email compromise) attacks: “Business email compromise will go two levels down in the org chart.” From the report: “Business email compromise (BEC) remains a very potent and … [Read more…]

This Week in Security News: Risky Radio Remotes and Cybercrime

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro’s new research on radio frequency technology and the risks of radio remote controllers. Also, understand why there is a rise in physical crime … [Read more…]

Google Play Apps Drop Anubis Banking Malware, Use Motion-based Evasion Tactics

By Kevin Sun

We recently found two malicious apps on Google Play that drop wide-reaching banking malware. The two apps were disguised as useful tools, simply named Currency Converter and BatterySaverMobi. Google has confirmed that both these apps are no longer on the Play Store. The battery app logged more than 5,000 downloads before it … [Read more…]

New Magecart Attack Delivered Through Compromised Advertising Supply Chain

By Chaoying Liu and Joseph C. Chen

On January 1, we detected a significant increase in activity from one of the web skimmer groups we’ve been tracking. During this time, we found their malicious skimming code (detected by Trend Micro as JS_OBFUS.C.) loaded on 277 e-commerce websites providing ticketing, touring, and flight booking services as … [Read more…]

Demonstrating Command Injection and E-Stop Abuse Against Industrial Radio Remote Controllers

By Trend Micro Research

Radio frequency (RF) protocols used to control industrial machines support simple operations such as turning on a motor, lifting a load, or maneuvering a heavy-duty vehicle. These commands are sent over the air, and one of the obvious problems that have cropped up is the possibility of an attacker, armed with … [Read more…]