Hit the brakes! Did Your Car Just Get Hacked?
Could your car be the next target of a cyber attack? You might not think so, but new research has shown otherwise. The overall safety of your vehicle used to be rather straightforward to maintain with tune-ups, replaced brake pads, flushes and other scheduled upkeep. Unfortunately, with the incorporation of computer systems into newer car […]
Smart Apps to Keep Your Teen from Texting and Driving
If you are like most parents, the “no texting and driving” comment is a daily exchange before your teen heads out the door, car keys in hand. A 2012 U.S. National Highway Traffic Safety Administration (NHTSA) survey found that drivers 18 to 20 showed the highest level of mobile phone involvement in crashes or near-crashes. […]
From a Site Compromise to Full Root Access – Local Root Exploits – Part II
When an attacker manages to compromise and get access to a website, they likely won’t stop there; they will aim to gain full root (admin) access to the entire server. If there are more websites hosted on the server being attacked, it is likely they will attempt to compromise every single one of them. How […]
Auto Generated Iframes To Blackhole Exploit Kit – Following the Cookie Trail
We often talk about websites being compromised and injected with malware that redirect users to exploit kits. We unfortunately don’t give you a complete picture of what the distribution payload is doing on your local machine very often. Today we’ll try to improve that analysis by giving you a more complete picture of the full […]
Andromeda Botnet Resurfaces
The Andromeda botnet – first spotted in late 2011 – has recently resurfaced. This threat arrives via a familiar means: spammed messages with malicious attachments or links to compromised websites hosting Blackhole Exploit Kit (BHEK) code. Here is one spam message we saw recently: Figure 1. Sample spammed message Andromeda itself is highly modular, and […]
In-Depth Look: APT Attack Tools of the Trade
Recently, we shed some light on APT attack tools and how to identify them. Part of our daily tasks as threat researchers revolves around investigating APT actors, and the tools that they utilize to help better protect our customers. The purpose of this blog is to further investigate the tools that APT actors typically use […]
Blackhole Exploit Kit Run Adopts Controversial Java Flaw
In our 2013 Security Predictions, we predicted that conventional malware will focus mainly on refining tools instead of creating new threats. A perfect example of this prediction is how Blackhole Exploit Kit continuously attempts to circumvent the efforts done by the security industry. True enough, we recently received reports of a Blackhole Exploit Kit (BHEK) […]
The Security Risks of Compromised Digital Certificates
Last week, Trend Micro found malware samples that had been signed with digital certificates belonging to two software companies that develop specialized software. Since the two digital certificates are used by developers making very specialized products, this can increase the chances that this attack will succeed. We have identified several samples that were signed with […]
Linux Based SSHD Rootkit Floating The Interwebs
For the past couple of days we have seen a lot of discussion on a number of forums about a potential kernel rootkit making its rounds on the net. Interestingly enough, when we wrote about the case it wasn’t being picked up by anyone; today, however, it’s being picked up by a number of AVs […]
Facebook Hacked, Mobile Dev Watering Holes, and Mac Malware
Friday, February 1st: Twitter announced it was hacked. The post (Keeping our users secure) by Bob Lord, Director of Information Security, was sparse on details but recommended disabling Java’s browser plugin. And according to Lord, the attackers “were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.” Friday, February […]
Blackhole in 2013: What Is It Up To?
2013 has seen some significant changes in the way that attackers use the Blackhole exploit kit in spam attacks. To understand what these changes are, however, let us first go into what Blackhole did in late 2012. Last year, the majority of URLs found in Blackhole-related phishing messages had the following format: http://{compromised or abused […]
Zero-Day Vulnerabilities Found in Adobe Flash Player
Adobe released an out-of-band update for two critical zero-day vulnerabilities just a few days in advance of its regular monthly patch cycle. The buffer overflow vulnerability (CVE-2013-0633), which exists in Flash Player, can lead to remote code execution or denial of service conditions when exploited. This vulnerability, which has been exploited in the wild, targets […]
WhiteHole Exploit Kit Emerges
In our 2013 security predictions, Trend Micro Chief Technology Officer Raimund Genes predicted that we will be seeing new toolkits this year. True enough, there is news of an emerging exploit kit dubbed WhiteHole Exploit Kit. The name Whitehole Exploit kit is just a randomly selected name to differentiate it from BHEK. While it uses […]
2012 Annual Security Roundup: Post-PC Threats
The “post-PC era” is a phrase which has been a veritable buzzword for some time. However, 2012 saw cybercrime expanding to mobile platforms, highlighting how threats have entered the post-PC era, too. Mobile Threats: 350,000 and Growing By the end of 2012, the number of Android malware grew to 350,000. This was a monumental growth […]
Java Zero-Day Exploit and Ruby on Rails Vulnerabilities
During the past two days there has been a lot of activity and concern around vulnerabilities in two different widely used technologies: Java and Ruby on Rails. With this post, Trend Micro wants to help people understand the situation, the risks, and how we are protecting our customers. Additionally we want to let customers know […]
Tapjacking: An Untapped Threat in Android
Using social engineering tricks, a developer can create an app that tricks users into tapping a specifically-crafted app popup window (called toast view), making it a gateway for varied threats. This attack, dubbed tapjacking, takes advantage of a specific vulnerability in the Android user interaction (UI) component. This technique is not very complicated but has serious security […]
More information
- BlackBerry met with Facebook over possible bid for the company
- Critical vulnerability in Atlassian Confluence server is under “mass exploitation”
- Resolved: WebAccess Security Token Disruption
- Fallout of EA source code breach could be severe, cybersecurity experts say
- Tech Firms Say There’s Little Doubt Russia Behind Major Hack
- Google’s Safe Browsing goes mobile: Comes to Chrome for Android
- Let’s Encrypt takes free “wildcard” certificates live
- WordPress Patches Privilege Escalation Vulnerabilities
- Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild
- That time a bot invaded Thingiverse and created weird new 3D objects