Virus News

July 27th, 2009

Welcome to our RSS – Virus and Spyware Related News Feed section. This page may take some time to load, as it has to extract and load data from other sources.

Microsoft – Security at Home

PCAdvisor – Security News

Computerworld – Viruses News

Kaspersky – Virus News

Norton Security Articles

Trend Micro malware Blog

  • Cryptocurrency Miner Uses WMI and EternalBlue To Spread Filelessly

    Fileless malware can be a difficult threat to analyze and detect. It shouldn’t be a surprise that an increasing number of new malware threats are fileless, as threat actors use this technique to make both detection and forensic investigation more difficult. We recently found a new cryptocurrency miner (which we detect as TROJ64_COINMINER.QO) that uses this particular technique as well.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • New Disdain Exploit Kit Detected in the Wild

    The exploit kit landscape has been rocky since 2016, and we've observed several of the major players—Angler, Nuclear, Neutrino, Sundown—take a dip in operations or go private. New kits have popped up sporadically since then, sometimes revamped from old sources, but none have really gained traction. Despite that fact, cybercriminals continue to develop more of them.

    On August 9, we detected a new exploit kit in the wild, being distributed through a malvertising campaign. With additional analysis of the code and activity, we can confirm that it is the Disdain exploit kit, which started to advertise their services in underground forums starting August 8. We found the “disdain” keyword contained in its JavaScript code.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • GhostClicker Adware is a Phantomlike Android Click Fraud

    We’ve uncovered a pervasive auto-clicking adware from as many as 340 apps from Google Play, one of which, named “Aladdin’s Adventure’s World”, was downloaded 5 million times. These adware-embedded applications include recreational games, device performance utilities like cleaners and boosters, and file managers, QR and barcode scanners, multimedia recorders and players, device charger, and GPS/navigation-related apps.

    While the majority of the said apps have been taken down, 101 were still downloadable as of August 7, 2017. Our detections/sensors saw the prevalence of this adware in Southeast Asian countries as well as Brazil, Japan, Taiwan, Russia, Italy, and the U.S.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard

    In many instances, researchers and engineers have found ways to hack into modern, internet-capable cars, as has been documented and reported several times. One famous example is the Chrysler Jeep hack that researchers Charlie Miller and Chris Valasek discovered. This hack and those that have come before it have mostly been reliant on specific vulnerabilities in specific makes and/or brands of cars. And once reported, these vulnerabilities were quickly resolved. But what should the security industry’s response be when a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral?

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • CVE-2017-0199: New Malware Abuses PowerPoint Slide Show

    CVE-2017-0199 was originally a zero-day remote code execution vulnerability that allowed attackers to exploit a flaw that exists in the Windows Object Linking and Embedding (OLE) interface of Microsoft Office to deliver malware. It is commonly exploited via the use of malicious Rich Text File (RTF) documents, which was used by the DRIDEX banking trojan discovered earlier this year.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • Can Online Dating Apps be Used to Target Your Company?

    People are increasingly taking to online dating to find relationships—but can they be used to attack a business? The kind (and amount) of information divulged—about the users themselves, the places they work, visit or live—are not only useful for people looking for a date, but also to attackers who leverage this information to gain a foothold into your organization.

    To bear out the risks, we delved into various online dating networks, which initially included Tinder, Plenty of Fish, Jdate, OKCupid, Grindr, Coffee meets Bagel, and LoveStruck.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • Critical Windows Search and Hyper-V Vulnerabilities Tackled by August’s Patch Tuesday

    Microsoft has released their monthly security bulletin with 48 security patches—25 of which are labeled Critical, 21 are Important, and two are Moderate in severity. This was a standard batch of updates, addressing issues in Internet Explorer, Microsoft Edge, Windows, Microsoft SharePoint, Adobe Flash Player and Microsoft SQL Server.

    A majority of the critical CVEs are Scripting Engine Memory Corruption Vulnerabilities, which is not surprising. Since April of this year, we’ve been seeing a steady increase in vulnerabilities for the Scripting Engine. Typically, in a web-based attack scenario, an attacker would leverage Scripting Engine vulnerabilities to create a malicious website and then maneuver users to visit the site. This current batch of critical vulnerabilities could result in remote code execution if exploited successfully.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • OnionDog is not a Targeted Attack—It’s a Cyber Drill

    In this blog post, we will look into smaller scale attacks in which an actor group allegedly attacked high profile targets working in the energy and transportation sector of South Korea for more than three years in a row. These attacks, which are known as OnionDog, received some publicity in the media. A perfunctory look into these actors' activities might easily lead to hasty conclusions on attribution. We had a more thorough look, in which we reached an interesting conclusion: OnionDog is not a targeted attack. OnionDog is a cyber drill.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • How Chat App Discord Is Abused by Cybercriminals to Attack ROBLOX Players

    Cybercriminals targeting gamers are nothing new. We’ve reported many similar incidents in the past, from fake game apps to real-money laundering through online game currencies. Usually the aim is simple: to steal personal information and monetize it. And usually, for that purpose the game itself is abused.

    In the particular scenario we are describing in this blog post, however, it is not the game that is being abused by the cybercriminals, but rather one of the communication tools used by the game players. We’re referring to Discord, a new-generation chat platform that gamers frequently use, with a user base of more than 45 million registered members.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • Vulnerability in F2FS File System Leads To Memory Corruption on Android, Linux

    August’s Android Security Bulletin includes three file system vulnerabilities (CVE-2017-10663, CVE-2017-10662, and CVE-2017-0750) that were discovered by Trend Micro researchers. These vulnerabilities could cause memory corruption on the affected devices, leading to code execution in the kernel context. This would allow for more data to be accessed and controlled by the malware. A malicious app could be used to trigger this vulnerability, which occurs when a malicious disk using the F2FS (Flash-Friendly File System) is mounted. The disk can either be an actual physical device or a virtual file image.

    Post from: Trendlabs Security Intelligence Blog - by Trend Micro

  • Washington Post Security Fix
