Virus News

July 27th, 2009

Welcome to our RSS – Virus and Spyware Related News Feed section. This page might take some time to load, as it has to extract and load data from other sources.

Microsoft – Security at Home

PCAdvisor – Security News

Computerworld – Viruses News

Kaspersky – Virus News

Norton Security Articles

Trend Micro malware Blog

  • Vulnerabilities in Apache CouchDB Open the Door to Monero Miners -

    Based on data from our sensors that we deployed worldwide, we have observed a new attack that exploits two vulnerabilities in a popular database system to deliver miners (detected by Trend Micro as HKTL_COINMINE.GE, HKTL_COINMINE.GP, and HKTL_COINMINE.GQ) for the Monero cryptocurrency.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • February Patch Tuesday Is a Bouquet of Fixes for Privilege Escalation Vulnerabilities -

    Microsoft’s Patch Tuesday for February has a bevy of fixes addressing 50 security issues in Windows, Office (including Office Services and Web Apps), SharePoint, Internet Explorer, Edge, and ChakraCore JavaScript engine, as well as additional patches for the notorious Meltdown and Spectre vulnerabilities. Of these, 14 were rated critical. Eight of these security flaws were disclosed through Trend Micro’s Zero Day Initiative.

    The majority of the vulnerabilities are related to elevation of privileges. When exploited successfully, these can allow hackers to carry out normally restricted and system-level functions or hijack the affected systems. There are also 11 security issues affecting the Windows kernel that can lead to local privilege escalation and information disclosure when exploited.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • Deciphering Confucius’ Cyberespionage Operations -

    In today’s online chat and dating scene, romance scams are not uncommon, what with catfishers and West African cybercriminals potently toying with their victims’ emotions to cash in on their bank accounts. It’s quite odd (and probably underreported), however, to see it used as a vector for cyberespionage.

    We stumbled upon the Confucius hacking group while delving into Patchwork’s cyberespionage operations, and found a number of similarities. Code in their custom malware bore similarities, for instance. And like Patchwork, Confucius targeted a particular set of individuals in South Asian countries, such as military personnel and businessmen, among others.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • New AndroRAT Exploits Dated Permanent Rooting Vulnerability, Allows Privilege Escalation -

    Trend Micro detected a new variant of Android Remote Access Tool (AndroRAT) (identified as ANDROIDOS_ANDRORAT.HRXC) that has the ability to inject root exploits to perform malicious tasks such as silent installation, shell command execution, WiFi password collection, and screen capture. This AndroRAT targets CVE-2015-1805, a publicly disclosed vulnerability in 2016 that allows attackers to penetrate a number of older Android devices to perform its privilege escalation.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • Attack Using Windows Installer msiexec.exe leads to LokiBot -

    Recently, we discovered CVE-2017-11882 being exploited again in an attack that uses an uncommon method of installation—via the Windows Installer service in Microsoft Windows operating systems.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • Detecting New Threats via Contextual Information and Reputation -

    Cybercriminals are constantly looking for new strategies to defeat security solutions and improve the success of their attacks.

    The increase in adoption of polymorphism and packing has made traditional signature-based detection at the client side (endpoint) obsolete. Backend systems struggle in analyzing modern malware since both static and dynamic analysis are limited when heavily obfuscated code or anti-sandboxing techniques are employed. In addition, the number of newly discovered threats is increasing, and faster detection systems are required to protect users around the world.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • Malicious Chrome Extensions Found in Chrome Web Store, Form Droidclub Botnet -

    The Trend Micro Cyber Safety Solutions team has discovered a new botnet delivered via Chrome extensions that affect hundreds of thousands of users. (The malicious extension is detected as BREX_DCBOT.A.) This botnet was used to inject ads and cryptocurrency mining code into websites the victim would visit. We have dubbed this particular botnet Droidclub, after the name of one of the oldest command-and-control (C&C) domains used.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • Digital Extortion: A Forward-looking View -

    In 2017, we saw digital extortion increasingly become cybercriminals’ first and foremost money-making modus operandi. It’s mostly due to ransomware — cybercriminals’ currently most popular weapon of choice, helping them in extorting cash from users all over the world and in hitting big businesses and organizations.

    By infecting business-critical systems through their shotgun-style ransomware attacks and thus crippling enterprise day-to-day operations, cybercriminals managed to force big companies to bend to their will. Digital extortion has become the most successful moneymaking venture for cybercriminals, and the most effective in terms of the scale of their victims. Big or small, everyone gets hit, and everyone has to pay.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • Hacking Group Spies on Android Users in India Using PoriewSpy -

    We have been seeing attacks that spy on and steal data from specific targets on the mobile platform since late 2017. We discovered the malicious apps victimizing Android users in India, and believe a hacking group—one previously known for victimizing government officials—carried out the attacks. We identified these malicious apps as PoriewSpy (detected by Trend Micro as ANDROIDOS_PORIEWSPY.HRX). We also suspect that the group used malicious apps built using DroidJack or SandroRAT (detected as ANDROIDOS_SANRAT.A), based on similarities in their command-and-control (C&C) server. DroidJack is a remote access Trojan (RAT) that allows intruders to take full control of a user's Android device when installed.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • Malvertising Campaign Abuses Google’s DoubleClick to Deliver Cryptocurrency Miners -

    On January 24, 2018, we observed that the number of Coinhive web miner detections tripled due to a malvertising campaign. We discovered that advertisements found on high-traffic sites not only used Coinhive (detected by Trend Micro as JS_COINHIVE.GN), but also a separate web miner that connects to a private pool. Attackers abused Google’s DoubleClick, which develops and provides internet ad serving services, for traffic distribution. Data from the Trend Micro™ Smart Protection Network™ shows affected countries include Japan, France, Taiwan, Italy, and Spain. We have already disclosed our findings to Google.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro


  • Washington Post Security Fix
