BusyGasper – the unfriendly spy
In early 2018 our mobile intruder-detection technology was triggered by a suspicious Android sample that, as it turned out, belonged to an unknown spyware family. Further investigation showed that the malware, which we named BusyGasper, is not all that sophisticated, but demonstrates some unusual features for this type of threat. From a technical point of […]
The rise of mobile banker Asacub
We encountered the Trojan-Banker.AndroidOS.Asacub family for the first time in 2015, when the first versions of the malware were detected, analyzed, and found to be more adept at spying than stealing funds. The Trojan has evolved since then, aided by a large-scale distribution campaign by its creators (in spring-summer 2017), helping Asacub to claim top […]
Back-to-School Cybersecurity 101: #RT2Win an A+ Worthy Prize
The days are getting shorter and your bags are (finally) unpacked from the annual family vacation. Summer is officially coming to an end, and parents and kids are switching gears from hot afternoons filled with play dates and summer camp to early mornings and long school days. But as fun as a new school year […]
Sharing and Caring
How To Safely Post Images Of Your Kids Online
I’m not a big sharer online but I do love popping up a few pics of an important family milestone on Facebook. Whether it’s a child starting a new school, an amazing family holiday or a hilarious birthday pic, sharing family snaps online is a great […]
Maintaining a Culture of Security Requires Ongoing Attention
Creating a culture that emphasizes a security-first mindset requires more than just updating the vision statement. HR professionals and people managers know very well that creating a sustainable organizational culture that makes any company vision a reality is a never-ending work in progress. Simply introducing the vision and values, and creating a sense of buy-in […]
Check for the Security-First Mindset Across All Teams
We know we need to encourage our teams to think security-first across every department. But what does this really mean in a practical application? For security companies, it might be less of a leap to bring a security mindset to legal, procurement, or marketing teams. For organizations with their core business in another industry, it […]
Train your Cybersecurity Team for Peak Performance
Whether you’re racing to fill cybersecurity jobs to keep up with the changing threat landscape or support your company’s rapid growth, getting your team trained and at the top of their game is a high priority. You need to ensure all new hires are operating with the same baseline of knowledge and skills as your […]
Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware
Overview
Lazarus has been a major threat actor in the APT arena for several years. Alongside goals like cyberespionage and cybersabotage, the attacker has been targeting banks and other financial companies around the globe. Over the last few months, Lazarus has successfully compromised several banks and infiltrated a number of global cryptocurrency exchanges and fintech […]
Dark Tequila Añejo
Dark Tequila is a complex malicious campaign targeting Mexican users, with the primary purpose of stealing financial information, as well as login credentials to popular websites that range from code versioning repositories to public file storage accounts and domain registrars. A multi-stage payload is delivered to the victim only when certain conditions are met; avoiding […]
Back to School: 5 Cybersecurity Habits to Teach Your Kids
With back-to-school time already here, cybersecurity should be at the forefront of every parent’s mind. Kids are exposed to more devices – both in the classroom and at home. While their school may already be taking precautions to protect their data while they’re in the classroom, and many of their personal phones have parental controls […]
Use-after-free (UAF) Vulnerability CVE-2018-8373 in VBScript Engine Affects Internet Explorer to Run Shellcode
by Elliot Cao (Trend Micro Security Research) with Trend Micro’s Zero Day Initiative (ZDI)
We discovered a high-risk Internet Explorer (IE) vulnerability in the wild on July 11, just a day after Microsoft’s July Patch Tuesday. We immediately sent Microsoft the details to help fix this flaw. While this vulnerability, now designated as CVE-2018-8373, affects […]
Microsoft Cortana Allows Browser Navigation Without Login: CVE-2018-8253
A locked Windows 10 device with Cortana enabled on the lock screen allows an attacker with physical access to the device to do two kinds of unauthorized browsing. In the first case, the attacker can force Microsoft Edge to navigate to an attacker-controlled URL; in the second, the attacker can use a limited version of […]
Spam and phishing in Q2 2018
Quarterly highlights
GDPR as a phishing opportunity
In the first quarter, we discussed spam designed to exploit GDPR (General Data Protection Regulation), which came into effect on May 25, 2018. Back then spam traffic was limited to invitations to participate in workshops and other educational events and purchase software or databases. We predicted that fraudulent […]
Back to School: Cybersecurity in the Classroom
It’s hard to believe that summer is coming to an end and that back-to-school time is around the corner. For some kids, that means cyberbullies are traded in for school bullies and social engagement will turn into in-person interactions. But for others, dubbed Extreme Internet Users, the screen stays. When it comes time […]
KeyPass ransomware
In the last few days, our anti-ransomware module has been detecting a new variant of malware – KeyPass ransomware. Others in the security community have also noticed that this ransomware began to actively spread in August:
Notification from MalwareHunterTeam
Distribution model
According to our information, the malware is propagated by means of fake installers that […]
80 to 0 in Under 5 Seconds: Falsifying a Medical Patient’s Vitals
The author thanks Shaun Nordeck, MD, for his assistance with this report. With the explosion of growth in technology and its influence on our lives, we have become increasingly dependent on it. The medical field is no exception: Medical professionals trust technology to provide them with accurate information and base life-changing decisions on this data. McAfee’s […]
More information
- The Upload: Your tech news briefing for Thursday, April 9
- Congress Blocks Yahoo Mail and Google Appspot
- HealthCare.gov breached, injected with malware
- Microsoft Internet Explorer CVE-2012-1875 Same ID Property Remote Code Execution Vulnerability
- Microsoft Windows Open Type Font CVE-2016-7256 Remote Code Execution Vulnerability
- Zoom explained: Understanding (and using) the popular video chat app
- Mac Malware Steals Browser Cookies, Sensitive Data
- “You dirty RAT” – Spy versus Spy in the cybercrime underworld
- Security researcher highlights macOS remote exploit w/ custom URL schemes
- Holiday hucksters won’t stop at Cyber Monday