Articles about Trend Micro


Hacking Team had RATted on Android: Trend Micro

The next piece of weaponised malware to emerge out of the Hacking Team leak has arrived: a Remote Access Trojan (RAT) for Android. Trend Micro researchers trawling the 400 GB of leaked files apparently have the honour of first discovery: RCSAndroid, it says, is “one of the most professionally developed and sophisticated” …

We’re in bed together, admit Intel Security, Trend Micro and NCA

The UK's National Crime Agency has enlisted two leading security firms as part of a collaborative intelligence-sharing effort. Intel Security and Trend Micro will be part of the "virtual threat teams" which will provide the police with intelligence on cybercrime threats in the UK and the rest of the world. As both companies …

Trend Micro buys Taiwanese deep packet sniffing firm

Global security firm Trend Micro has announced a deal to buy smaller network security firm Broadweb. Financial terms of the deal, announced Thursday, were not disclosed. Broadweb's deep packet inspection technology will be dovetailed into Trend's existing lines of network security kit to improve the blocking of malicious …
John Leyden, 11 Oct 2013

Trend Micro turns RAT catcher as Taiwan cops cuff hacker

Security vendor Trend Micro has embiggened its industry collaboration credentials this week after helping Taiwanese police arrest one man in connection with a widespread targeted attack, and teaming up with Interpol on a new cyber crime prevention centre. The targeted attack in question used the notorious Ghost remote access …
Phil Muncaster, 25 Jun 2013

You dirty RAT: Trend Micro spots new Asia-wide attack

Security researchers are warning of yet another advanced, large-scale attack campaign using sophisticated techniques to hide itself from its targets – organisations across Asia. Trend Micro has dubbed the campaign Naikon, based on the HTTP user-agent string “NOKIAN95/WEB” found in various targeted attacks across the region in …
Phil Muncaster, 14 Jun 2013
The Register breaking news

Trend Micro squishes 'stuck in a loop' SafeSync bug

Trend Micro has issued software patches for its SafeSync product after some users complained that the software was not syncing files between two or more devices properly. Posts of complaints on a user forum, and a tip from a Reg reader, suggested the software's synchronisation of files between devices was not functioning and …
John Leyden, 13 Nov 2012

New trend: Trojan which steals your pics instead of your text

Miscreants have developed a strain of malware that steals image files from compromised systems. The Pixsteal-A Trojan dispenses with the conventional tactic of only stealing text files, instead concentrating on uploading .jpg, .jpeg, and .dmp (memory dump) files from infected machines onto a remote FTP server. The switch in …
John Leyden, 06 Nov 2012

World's worst exploit kit now targeting point-of-sale systems

Trend Micro researcher Anthony Joe Melgarejo says the sophisticated Angler exploit kit popular in cybercrime circles is now targeting point-of-sale (PoS) systems. It appears to be the first time an exploit kit has included PoS in its list of hackable platforms, putting them alongside the likes of Adobe Flash, Reader, Java, and …
Darren Pauli, 31 Jul 2015

Hacking Team spyware rootkit: Even a new HARD DRIVE wouldn't get rid of it

Hacking Team RCS spyware came pre-loaded with a UEFI (Unified Extensible Firmware Interface) BIOS rootkit to hide itself on infected systems, it has emerged following the recent hacking of the controversial surveillance firm. The stealth infection tactic, which has been revealed through leaked emails arising from last …
John Leyden, 14 Jul 2015

Webcast: How to survive Windows Server 2003 end of life - safely

On July 14 2015, support ends on Windows Server 2003, but don’t panic – we have a live broadcast on June 12 at 11:00 BST, that will feature Freeform Dynamics and Trend Micro, telling you everything you need to know to handle WS2003 EoS securely, in three parts: First, Freeform's DarkLord Tony Lock shows you where your Windows …
David Gordon, 09 Jun 2015

US judge lobs antivirus patents back to Hell

A US district court has torn the heart out of two patents wielded by Intellectual Ventures against two antivirus makers. In a judgment [PDF] this week, Chief Judge Leonard Stark ruled that Intellectual Ventures' US patents 6,460,050 and 6,073,142 were "ineligible," meaning they are too vague and the technologies they described …
Shaun Nichols, 24 Apr 2015

Trend Micro buys encryption firm

Trend Micro has agreed to buy encryption specialist Mobile Armor. Financial terms of the deal, announced on Tuesday, were not disclosed. St Louis, Missouri-based Mobile Armor markets data-protection software that offers full-disk, file/folder, and removable media encryption for endpoints (laptops, tablet PCs, and smartphones). …
John Leyden, 30 Nov 2010

Android malware under blog control says Trend Micro

Trend Micro is reporting a Chinese Android malware that operates partly under the command and control of a blog. The ANDROIDOS_ANSERVERBOT.A malware is disguised as an e-book reader offered on a third-party Chinese app store. It uses two command and control servers, one of them served out of a blog with encrypted posts. Posts to …

Java jockeys join Flash fans in the 0-day exploit club

Trend Micro has issued predictable-but-sensible advice that Java should be switched off, because there's a zero-day being exploited in the wild. Trend malware researchers Brooks Li and Feike Hacquebord said the exploit will hose systems running the latest Java platform. Because there's no patch, they added users should disable …
Darren Pauli, 13 Jul 2015

Europol and Barclays shack up for steamy security shenanigans

EU law enforcement body Europol and Barclays have signed a Memorandum of Understanding (MoU) to formalise their cooperation in combating cybercrime targeting the financial sector. The agreement establishes a formal means for Europol and Barclays to "exchange strategic information, information on trends, expertise and statistical …

Rocket Kittens target defence and IT bods from Europe & Israel

A seemingly state-sponsored hacking crew has compromised systems in several organisations in Israel and Europe, according to new research by Trend Micro. The so-called Rocket Kitten group has targeted defence and IT industries, government entities and academic institutions. Victims include civilian and academic organisations in …
John Leyden, 20 Mar 2015

Don't want pranksters 'bricking' your Android? Just stop using the internet, duh – Google

Video: Trend Micro peeps say they have discovered a security bug that miscreants can exploit to seemingly murder millions of Android smartphones. A device will appear lifeless and unable to make calls, with a dead screen and no sound output, if an attack is successful, we're told. All a victim has to do is visit a dodgy webpage, or …
Iain Thomson, 30 Jul 2015

Windows Server 2003 end of support's coming in just over a month

Live Regcast: On July 14 2015, support ends on Windows Server 2003, but don’t panic – we have a live Regcast today at 11:00 BST, that will feature Freeform Dynamics and Trend Micro, telling you everything you need to know to handle WS2003 EoS securely, in three parts: First, Freeform's DarkLord Tony Lock shows you where your Windows Server …
David Gordon, 12 Jun 2015

Facebook cosies up to ESET for malware detection

Facebook, which earlier this year started partnering with F-Secure and Trend Micro for malware detection, has added Slovak vendor ESET to its suite of security products. The previous tie-ups, detailed here, are worth noting to put the new partnership in context. F-Secure and Trend both pointed Facebook users at their free online …

20-yr-old Brazilian births 100 banking trojans

A 20 year-old Brazilian kid has pumped out more than 100 banking trojans selling each for around US$300 a pop, Trend Micro researchers say. The computer science student's extracurricular activities landed him the dishonourable title of his country's most prolific banking malware creator. Researchers say "Lordfenix", his chosen …
Darren Pauli, 02 Jul 2015

Security software's a booming market. Why is Symantec stumbling?

Worldwide security software revenue totalled $21.4bn in 2014, a 5.3 per cent increase from 2013's revenue of $20.3bn, according to the serious bean counters at Gartner. A decline in consumer security software and endpoint protection — areas that together account for 39 per cent of the market — was more than offset the strong …
John Leyden, 27 May 2015

Lads from Lagos using 'Predator Pain' on hapless 419 victims

Advanced-fee fraudsters are adopting the tactics of state-sponsored hackers in attacks targeting small- to medium-sized businesses, rather than large corporates, according to research from Trend Micro. 419 gangs are using the Predator Pain and Limitless keyloggers to steal network credentials through spear-phishing attacks, …
John Leyden, 13 Nov 2014

A life of cybercrime, a caipirinha and a tan: Fraudsters love a Brazilian

Brazil is the only market that offers training services for cybercriminal wannabes, making it possible to start a new career in cybercrime for just $500. Training modules, hands-on exercises, interactive guides, instructional videos, as well as post-training support are available, according to a new report of the Brazilian …
John Leyden, 20 Nov 2014

Is that a graphics driver on your shop's register – or a RAM-slurping bank card thief?

Crooks are infecting sales registers running Oracle-owned MICROS software with malware tailor-fitted to steal bank card information from the machines. MalumPoS scrapes sensitive data from the RAM inside the tills, which are used in places from shops and restaurants to hotels and bars. The software nasty can be easily modified to …
John Leyden, 09 Jun 2015

'Ruskie' malware pwns iOS 7

Attackers, perhaps of Russian origin, are infecting the iPhones linked to government, defence and media sectors with dangerous spy malware capable of breaching non-jailbroken devices, researchers say. The XAgent malware part of attacks unveiled last year against Windows devices has moved to iOS targeting iOS 7 and to much lesser …
Darren Pauli, 05 Feb 2015

Israeli gov & boffins targeted by pr0ntastic malware from Gaza

Hackers from Gaza and Egypt appear to have teamed up in order to attack Israeli government, research, infrastructure and military networks. Security researchers at Trend Micro have traced ongoing malware-based attacks against Israeli organisations back to Gaza. Trend have uncovered two separate, but interconnected campaigns. …
John Leyden, 16 Feb 2015

Backdoor bot brains snatched after cops, white hats raid servers

Microsoft and Interpol have teamed up to derail a malware infection that compromised more than 770,000 Windows PCs worldwide. Simda is a “pay-per-install” software nasty: fraudsters pay miscreants some sum of money for every 1,000 or so machines they compromise. The hackers effectively earn cash by selling access to the infected …
John Leyden, 13 Apr 2015

Russia's to blame for pro-ISIS megahack on French TV network

Russians may have posed as ISIS in a high-profile hack against a French TV channel, according to French investigators and security firms. France's TV5Monde TV network was knocked off air for around 18 hours in April in the aftermath of a hack attack that also resulted in the hijack of its website and Facebook page. The …
John Leyden, 10 Jun 2015

Crooks are using proxy servers to build more convincing phishing sites – new claim

Crooks using phishing pages to grab victims' passwords have apparently upped their game – by using proxy servers rather than static pages to craft legit-looking websites. Normally, thieves recreate a web page – such as a login page for an online shop or webmail – and stick it on a compromised server, then direct marks towards …
John Leyden, 07 Nov 2014

Windows Server 2003 end of support draws ever closer

Regcast: Sign up RIGHT NOW to watch The Register’s how-to Regcast on coping with Windows Server 2003 End of Service (EoS). Watch this live, on June 12 at 11:00 BST - if you can't make it, just sign up and we will email you when the recording is available. Handy synopsis for you: Flash forward to a time when we rest contentedly in the …
David Gordon, 22 May 2015

Trend Micro lays down bread for humyo cloud service

Trend Micro has bought UK-based consumer and micro business cloud storage service provider humyo, with the target's file synchronisation technology apparently the cherry on the cake. This technology syncs files between a user's connected devices and humyo's cloud vault, meaning the humyo cloud is like Dropbox with added …
Chris Mellor, 14 Jun 2010

Securobods warn of wide open backdoor in Netis/Netcore routers

Update: Routers sold under the brand Netis by Chinese security vendor Netcore have a hardcoded password that leaves users with a wide-open backdoor that could easily be exploited by attackers, claim researchers. The backdoor allows cyber-criminals to easily change settings or run arbitrary code on routers, securobods at Trend Micro warn …
John Leyden, 27 Aug 2014

Symantec to cough up $17m after bloody dust-up with patent troll

Symantec must pay out $17m after losing a patent infringement battle to IP-hoarding house Intellectual Ventures. A jury in Delaware found in favor of Intellectual Ventures on two of three infringement claims, awarding the biz $8m in damages for one claim and $9m for the other. Symantec was found to have infringed on two patents …
Shaun Nichols, 10 Feb 2015

Feds count Cryptowall cost: $18 million says FBI

Cryptowall authors have wrought some US$18 million in damages on US users and businesses alone, according to the FBI. The Cryptolocker-imitation ransomware family has etched itself as one of the most prolific and capable since it was first detected in April 2014. Global damage reported to the US agency are likely considerably …
Darren Pauli, 24 Jun 2015

Oracle slings 193 patches, nixes exploited Java zero day

Oracle has poured cold coffee on a recent Java zero-day that's already under active attack, with just one of the critical patches it's released to address 193 holes in its sprawling product suite. The zero day is the most urgent fix of the lot and of the two dozen other Java patches present among Big Red's quarterly patch …
Darren Pauli, 16 Jul 2015

Thanks for open sourcing .NET say Point of Sale villains

Trend Micro researcher Jay Yaneza says Point of Sales malware has begun using Microsoft .NET, following its release as open source last year. Yaneza found the new so-called GamaPoS malware being distributed to US organisations including credit unions, developers, and pet care businesses through the resurgent Andromeda botnet. …
Darren Pauli, 17 Jul 2015

Not sure what RFID is? Can't hack? You can STILL be a card fraudster with this Android app

Cybercrooks have developed an Android app that makes it possible to hack RFID payment cards, researchers discovered after a Chilean transport system was defrauded. The app at the centre of the scam hacked into the user’s radio frequency ID (RFID) bus transit card in order to recharge credits. The fraud-enabling Android tool, …
John Leyden, 03 Dec 2014

Robin Hood virus: Chinese hackers target nation's wealthy

It seems China's state-supported hackers are being overshadowed by the black hat scene as the latter appears to have doubled in size – with some brazen crackers turning to carding the nation's wealthiest. A Trend Micro report dubbed The Chinese Underground in 2013 [PDF] issued this week reveals the black hat hacking scene has …
Darren Pauli, 05 Sep 2014

Bank-heist malware's servers phone home to Russian spookhaus

Trend Micro researcher Maxim Goncharov says one of the world's most sophisticated and dangerous bank-robbing trojans is now pointing to Russia's Federal Security Service (FSB). Goncharov says the Carbanak trojan's command and control servers now point to the FSB in what could be a joke or gaffe by malware authors. Carbanak in …
Darren Pauli, 25 May 2015

Anonymous HACKED GAS STATIONS - and could cause FUEL SHORTAGES

Hackers – possibly affiliated with Anonymous – have already attacked at least one internet-connected gas (petrol) station pump monitoring system. Evidence of malfeasance, uncovered by Trend Micro, comes three weeks after research about automated tank gauge vulnerabilities from Rapid7, the firm behind Metasploit. Automated tank …
John Leyden, 11 Feb 2015

Trend Micro to eyeball malware from cloud

Trend Micro has unveiled a major update to its flagship scanning tools that puts your virus signature database online, plus a modular security and system management suite with partner BigFix. Trend Micro's updated OfficeScan Client/Server Suite includes an interesting change to the way its flagship scanning software keeps its …
Austin Modine, 13 Apr 2009

Trend Micro boosts Vista package, extends Hotmail deal

Security provider Trend Micro yesterday announced a brace of Microsoft-based strategies, rolling out improvements for its combo offering on Vista and proclaiming that it will handle antivirus for Hotmail/Live webmail services for a further year. Users running Trend Micro Internet Security on Vista platforms get two enhancements …
Lewis Page, 26 Jun 2007

Sony Pictures MEGAHACK: Securobods pull out probes, analyse badness

Security experts have been able to obtain and analyse samples of the malware linked to the Sony Pictures breach. An FBI advisory issued on Monday, leaked to Reuters, warned US businesses to be vigilant about a new strain of “destructive” malware. The link between the Sony breach and the malware described by the FBI is yet to be …
John Leyden, 04 Dec 2014

Another day, another nasty Android vuln

The security researcher who last year sucked thousands of IDs out of Apple's Developer Centre site has turned his gaze onto Android and turned up a bug that Trend Micro says is exploitable. According to Ibrahim Balic, the bug causes memory corruption on Android 4.2.2, 4.3 and 2.3 at least, but he suspects all Android versions …

Trouble comes in threes: Yet ANOTHER Flash 0-day vuln patch looming

Adobe plans to patch Flash yet again after yet another zero-day vulnerability in the web video software leaves PCs prone to hijacking. The PSA15-02 security advisory details a security hole that hackers are already exploiting to compromise vulnerable systems. An upcoming update to squash the critical bug makes it three patches …
John Leyden, 02 Feb 2015

Flash deserves to live, says Cisco security man

Don't kill Flash; that's the message from Cisco security veteran John Stewart who says the Adobe team have put in the hard yards into reforming security and needs to weather the current bug storm. The advice follows a call for the ravaged runtime to be expunged from the digital world by former Yahoo-cum-Facebook security man …
Darren Pauli, 31 Jul 2015

Trend Micro buys leak prevention firm

Trend Micro has acquired data leak prevention firm Provilla, in an agreement that expands its business beyond its core antivirus and content security markets. Financial terms are undisclosed. Data leaks potentially expose firms to security, intellectual property, financial, privacy and compliance threats. Provilla's technology …
John Leyden, 25 Oct 2007

Attackers planting banking Trojans in industrial systems

Trend Micro researcher Kyle Wilhoit says the latest attacks on SCADA and industrial control networks are turning out to carry rather pedestrian banking Trojans, and have been on the rise since October 2014. Talking to DarkReading, Wilhoit said rather than Stuxnet-style attacks, ne'er-do-wells are dropping banking Trojans into …

Attackers raid SWISS BANKS with DNS and malware bombs

Attackers suspected of residing in Russia are raiding Swiss bank accounts with a multi-faceted attack that intercepts SMS tokens and changes domain name system settings, researchers have warned. The attacks sported a clever implementation of malware that pointed victim machines to replica phishing bank sites when they attempt to …
Darren Pauli, 23 Jul 2014

Bank-card-sniffing shop menace Punkey pinned down in US Secret Service investigation

Security researchers have identified a new strain of point-of-sale (POS) malware during an investigation led by the US Secret Service. Stolen payment card information and the IP addresses of more than 75 infected sales tills were found by security researchers at Trustwave during the probe. It's unclear how many victims the so- …
John Leyden, 16 Apr 2015