IT threat evolution Q3 2016
Targeted attacks and malware campaigns. Dropping Elephant. Targeted attack campaigns don’t need to be technically advanced in order to be successful. In July 2016 we reported on a group called Dropping Elephant (also known as ‘Chinastrats’ and ‘Patchwork’). Using a combination of social engineering, old exploit code and some […]

Teaching Kids to Rise Above the Twitter Trolls
The social media platform Twitter has been making the headlines every day lately and not for good reasons. The popular 140-character driven network is under fire for its increasingly troll-heavy content and its failure to regulate abusive tweeters. From celebrities shutting down accounts to politicians and special interest groups daily (and very publicly) engaged in […]

PCI 3.2 Compliant Organizations Are Likely GDPR Compliant
PCI DSS version 3.1 will be retired on October 31, 2016, with version 3.2 being the only valid version beginning the 1st of November. From that date, any new validation of PCI compliance will have to be against version 3.2. The new requirements will, however, be considered ‘best practices’ until Feb. 1, 2018 when they […]

Unsecured IoT Devices Behind Last Week’s DDoS Attack, More Likely to Come
A hyper-connected world offers a lot of benefits, but it also comes with a lot of risk. President Obama has said it himself. Just this past week on Jimmy Kimmel Live, he wondered aloud, “How do we continue to get all the benefits of being in cyberspace, but protect our finances, protect our privacy? What […]

McAfee MOVE AntiVirus Enables Security and Savings
Warehouse retailers thrive by taking advantage of efficiencies that happen at scale and passing those savings on to consumers. But those money-saving efficiencies aren’t just found in the merchandise on the shelves, they’re also found on the backend in the form of more efficient IT infrastructure. One such retailer with hundreds of locations worldwide uses […]

How to Secure the Future of the Internet of Things
The world of security for the Internet of Things just became more complex. IoT devices are no longer a potential threat to their owners; now they pose a significant threat to everything connected to the Internet. The old IoT security problem: for the past year, the cybersecurity and IoT communities have been at odds regarding […]

Major Websites Twitter, Spotify, Netflix Shut Down by DDoS Attack
We’re no strangers to Armageddon-scenario movies, but today a real disaster hit the internet. Using brute-force tactics that flood key elements of the internet’s structure, cybercriminals managed to shut down a variety of popular websites. The resulting chaos essentially closed the entire East Coast of the U.S., before spreading to other parts of the country […]

Politics keeps the U.S. from securing private-sector networks, says former CIA chief Robert Gates
ORLANDO, Fla. — A person who had access to the nation’s deepest secrets, Robert Gates, the former CIA chief and U.S. Secretary of Defense from 2006 to 2011, is a lot more open in retirement. Gates had the crowd at the Gartner Symposium/ITxpo laughing over his observations about IT and applauding at some of the things […]

CryPy: ransomware behind Israeli lines
A Tweet posted recently by AVG researcher, Jakub Kroustek, suggested that a new ransomware, written entirely in Python, had been found in the wild, joining the emerging trend for Pysomwares such as the latest HolyCrypt, Fs0ciety Locker and others. This Python executable comprises two main files. One is called boot_common.py and the other encryptor.py. The […]

Trust me, I have a pen
Earlier today we became aware of a malicious website delivering Petya through the Hunter exploit kit. While there is nothing special about yet another exploit kit page, this one caught our attention because it mimics the index page of our sinkhole systems. A malicious webpage faking one of our research systems. With cybercriminals increasingly trying […]

Taking down the internet: possible but how probable?
The hack of the Democratic National Committee this past summer, allegedly by Russia, prompted a political firestorm, but didn’t cause even a ripple in the US economy. But imagine the economic firestorm that would result if online attackers brought the entire internet down, even temporarily. You may not have to imagine it, according to Bruce […]

FastPOS Updates in Time for the Retail Sale Season
Most point-of-sale (PoS) threats follow a common process: dump, scrape, store, exfiltrate. FastPOS (initially detected by Trend Micro as TSPY_FASTPOS.SMZTDA) was different in the way it removed a middleman and went straight from stealing credit card data to directly exfiltrating it to its command and control (C&C) servers. FastPOS was true to its moniker—pilfer data […]

Firewall Migrations: Five Ways to Maximize Security Resilience & Availability
If you are planning an upgrade or migration to next-generation firewalls (NGFWs), it is not just an opportunity to gain richer functionality and a wider range of protections. It is also an excellent time to review your entire security architecture, to ensure it maximizes the value and efficiency of all your security devices while minimizing […]

TeamXRat: Brazilian cybercrime meets ransomware
Brazilian cybercriminals are notorious for their ability to develop banking trojans, but now they have started to focus their efforts in new areas, including ransomware. We discovered a new variant of a Brazilian-made ransomware, Trojan-Ransom.Win32.Xpan, that is being used to infect local companies and hospitals, directly affecting innocent people, encrypting their files using the extension […]

The Rise and Fall of Encryptor RaaS
by Stephen Hilt and Fernando Mercês. Back in July 2015, a new ransomware as a service named “Encryptor RaaS” (detected by Trend Micro as RANSOM_CRYPRAAS.SM) entered the threat scene, rivaling or at least expecting to succeed the likes of similar get-rich-quick schemes from Tox and ORX Locker. The newcomer appeared to be a dark horse: […]

Leaking Beeps: Here’s A Reason to Kick Pagers out of Hospitals
With Stephen Hilt and Philippe Lin. Today, the Trend Micro Forward-Looking Threat Research team released the paper Leaking Beeps: Unencrypted Pager Messages in the Healthcare Industry, our research about a weakness we identified in pager technology. If you are concerned about keeping your health information private, I would highly recommend you read through it. I, […]

More information
- Russian APT Gamaredon Changes Tactics in Attacks Targeting Ukraine
- Millions of IPs remain infected by USB worm years after its creators left it for dead
- Linux Kernel CVE-2019-16921 Information Disclosure Vulnerability
- Google warns court against changing liability shield for internet companies
- SWIFT warns of new successful cyber thefts against banks
- Trihedral Patches Flaws in SCADA Software
- Apple’s fight with the FBI could trigger a password arms race
- The Creepy Trailer for "Morgan" Was Made By IBM’s Watson
- Android developer surprised to find his app in Nokia Store
- Library service interruption, 5/8/2012