Articles about Trend Micro

If you can chdir you can hack CA's Unified Infrastructure Manager

IT shops running CA Technologies' Unified Infrastructure Management (UIM) – formerly CA Nimsoft – need to run patches for three vulnerabilities, one remotely exploitable. CA bought Nimsoft in 2010 to get its hands on the “single pane of glass” monitoring system, covering servers, networks, storage, and databases. The most …

Cerber ransomware menace now targeting databases

Criminals behind the massive Cerber ransomware enterprise are now targeting businesses as well as individuals with a module that kills and encrypts databases, warns Intel's former security arm McAfee. Cerber had conducted more than 160 campaigns when examined in July targeting 150,0000 users and raking in a cracking US$195,000 …
Darren Pauli, 07 Nov 2016

Nymaim malware got a major 'upgrade', says Verint

The miscreants behind the Nymaim malware dropper have updated their code to include better obfuscation and blacklisting against security software. Analytics outfit Verint, which discovered the latest version and offers its analysis here, says the new code base targets phishing rather than the drive-by-download approach …

Hacker's Icarus machine steals drones midflight

PacSec: Security researcher Jonathan Andersson has developed a tidy hardware module capable of fully hijacking a variety of popular drones and remote control gear running over the most popular protocol. Trend Micro's advanced security group manager told The Register he developed the Icarus box, and it only needs to be within range of …
Darren Pauli, 27 Oct 2016

This is not a drill: Hackers pop stock Nexus 6P in five minutes

The Nexus 6P appears to have been hacked with attackers at the Mobile Pwn2Own contest installing malware without user interaction in less than five minutes. The hack by China's Keen Team happened minutes ago at the Tokyo event and does not require users to do anything. It is as of the time of writing yet to be confirmed but …
Darren Pauli, 26 Oct 2016

Paging 1994: Crap encryption still rife in devices

Pager communications in industrial environments often run over unencrypted channels, creating a hacker risk in the process. Industries such as energy, manufacturing, and transportation still make extensive use of pager technologies that have been superseded in other sectors of the economy. Researchers at Trend Micro warn that …
John Leyden, 25 Oct 2016

Time to crack down on sales of dragon's gold - securobods

Security researchers have urged gaming companies to crack down on virtual currency auction and sales sites, reckoning criminals are cashing in to launder stolen money. The research team at Trend Micro says most black hats steal the currency using online game exploits or by using malware and phishing to compromise players, …
Darren Pauli, 13 Oct 2016

Smash and grab PoS pwners ready with pre-Xmas malware update

A smash and grab malware gang has updated its FastPoS point of sales hack app to plunder credit cards more efficiently ahead of the festive season. The FastPoS author is known for issuing an annual update to the malware which throws stealth to the wind in favour of quick and noisy raiding. The technique marks FastPoS as …
Darren Pauli, 07 Oct 2016

Wasted: Kaspersky makes jokers of upstart ransomware VXers

Kaspersky has released a decryption tool that neuters the MarsJoke ransomware, less than a month after it was first revealed. The decryption effort is salvation for victims who are told they have 96 hours to pay the 0.7 Bitcoin (US$427) ransom before their data is permanently encrypted. MarsJoke, also known as Polyglot, …
Darren Pauli, 05 Oct 2016

Happy VXers get 400 enterprise-popping apps hosted on Google Play

More than 400 malicious apps from a single attacker have been successfully uploaded to the Google Play store, with one downloaded up to half a million times, Trend Micro malware researcher Echo Duan says. The malware is disguised as various games, phone boosters, and themes that when executed can compromise devices and …
Darren Pauli, 04 Oct 2016

VESK coughs up £18k in ransomware attack

Exclusive: Hosted desktop and cloud provider VESK is staggering back to its feet after paying 29 Bitcoins (£18,600) in a ransomware attack earlier this week. VESK became aware that one of its environments had been impacted by a ransomware virus on Monday (26 September) at 3am. This virus was a new strain of the Samas DR ransomware, …
Kat Hall, 29 Sep 2016

Russian hackers target MH17 journalists for embarrassing Putin

Journalists investigating the downing of the MH17 flight over eastern Ukraine in 2014 have been hacked by Russia, according to security intelligence outfit ThreatConnect. The Joint Investigation Team (JIT) recently announced that Malaysia Airlines flight MH17 was shot down over Eastern Ukraine in July 2014 by a missile …
John Leyden, 29 Sep 2016

Researcher says Patch Tuesday fix should have been made earlier

Security researcher Kafeine says one of this week's Microsoft patches addresses a vulnerability it knew of since last year, and may only have pulled the patching trigger after a spate of banking trojan attacks. The attacks utilised the low-level flaw (CVE-2016-3351) for cloaking purposes among an arsenal of exploits. The …
Darren Pauli, 16 Sep 2016

Remote hacker nabs Win10 logins in 'won't-fix' Safe Mode* attack

Security researcher Doron Naim has cooked an attack that abuses Windows 10's Safe Mode to help hackers steal logins. The Cyberark man says remote attackers need to have access to a PC before they can spring this trap, which involves rebooting a machine into Safe Mode to take advantage of the lesser security controls offered in …
Darren Pauli, 16 Sep 2016

French hackers selling hidden .22 calibre pen guns on secret forums

French hackers are selling concealed weapons including so-called pen guns that fire .22 Long Rifle bullets on highly secretive crime forums, threat researcher Cedric Pernet says. Videos of the home-made pen guns scattered around the internet show the weapons in working use. The guns are being sold for €150 (US$169, £127, A$ …
Darren Pauli, 15 Sep 2016

Top infosec vendors, cops, liberate thousands from ransomware

Warriors from industry and law enforcement collective No More Ransom have cleansed more than 2500 machines of ransomware by distributing free decryption keys and other tools to eradicate infections. No More Ransom is an alliance of cops and anti-malware experts including McAfee and soon-to-be-former parent company Intel, …
Darren Pauli, 14 Sep 2016

Kaspersky Ireland R&D haus

Kaspersky Lab is opening a new R&D office in Ireland. With an initial investment of close to $5m, Kaspersky plans to create 50 new Dublin-based roles in the next three years. The new office will focus mainly on developing data analysis and machine learning technologies for the firm’s enterprise product line-up. The Russian …
John Leyden, 07 Sep 2016

When you've paid the ransom but you don't get your data back

Almost one in three firms that pay ransom fail to get their data back, according to new research from Trend Micro. A poll of IT managers at 300 UK businesses sponsored by Trend Micro found that 44 per cent of UK businesses have been infected by ransomware in the last two years. The study also found that around two-thirds (65 …
John Leyden, 07 Sep 2016

Pokémon-loving VXer targets Linux with 'Umbreon' rootkit

A Pokemon fan has brewed up a stealthy rootkit targeting Linux. Trend Micro senior threat researcher Fernando Mercês says the ring three rootkit, named by its authors after the nocturnal Pokemon character Umbreon, can run on x86, x86-64 and Raspberry Pi, is difficult to detect, and highly portable. "Its main purpose is to …
Darren Pauli, 06 Sep 2016

Google crushes 33 Chrome bugs, pays boffins more than $56k

Google has patched 33 Chrome vulnerabilities, including 13 rated high severity, with the release of version 53 of the world's most popular web browser. Six high-severity bugs were reported in Google's native Adobe Reader wrecker PDFium, namely a use after free and five heap overflows of which three were reported by GiWan Go of …
Darren Pauli, 02 Sep 2016

Asia’s top cloud security conference lands in London

PROMO: Working in cyber-security? Come and join the experts at CLOUDSEC 2016 in London on September 6 and explore the key security issues du jour. CLOUDSEC is one of the largest internet security conferences held across Asia Pacific and Europe. These events are vendor-neutral and feature presentations by industry experts who will …
David Gordon, 16 Aug 2016

Phisherfolk phlock to Rio for the Olympics

Criminals are ramping up their online presence in Rio de Janeiro, where the Olympic Games will open on Friday, August 5 – with IBM and Fortinet reporting new banking trojans and cyber crime activity in Brazil. Big Blue has reported a variant of the Zeus trojan has emerged on crime forums targeting local banks and exploiting …
Darren Pauli, 05 Aug 2016

Hackers detail the blood and guts of the 2016 Pwn2Own exploit expo

Black Hat: Zero Day Initiative researchers have detailed the winning hacks of this year's Pwn2Own competition, painting a picture of broken browsers and owned systems. The quartet of Matt Molinyawe, Abdul-aziz Hariri, Jasiel Spelman, and Jason Smith of Trend Micro's Zero Day Initiative vulnerability clearing house detailed and …
Darren Pauli, 04 Aug 2016

Nigerian cops cuff cybercrime suspect, reveal you don't need 419 to make $60m

Police in Nigeria have arrested the suspected mastermind of a web of cybercrime scams thought to have cost victims worldwide more than $60m. The 40-year-old Nigerian national, known so far only as "Mike", was arrested in a joint operation by INTERPOL and the Nigerian Economic and Financial Crime Commission. The main two types …
John Leyden, 01 Aug 2016

Malware ads' steganography

A malicious online advertising campaign dubbed AdGholas threw malware at up to a million netizens a day, and infected thousands of Windows machines, for over a year, we're told. AdGholas picked out normal users to attack, as opposed to security researchers investigating the code in virtual machines, by studying their language …
John Leyden, 28 Jul 2016

Symantec, Intel carve out diminishing slice of growing security market

Worldwide security software revenues rose 3.7 per cent to reach $22.1bn in 2015, according to analyst Gartner. Security information and event management (SIEM) remained the fastest-growing sub segment of the cybersecurity biz last year, experiencing 15.8 per cent growth. By contrast, consumer security software recorded a 5.9 …
John Leyden, 14 Jul 2016

Ransomware scum build weapon from JavaScript

New ransomware written entirely in JavaScript has appeared, encrypting users' files for a US$250 (£172, A$336) ransom and installing a password-stealing application. Researchers @jameswt_mht and @benkow_ found the ransomware they dubbed RAA. Bleeping Computer malware man Lawrence Abrams described the ransomware noting it is …
Team Register, 20 Jun 2016

Forget Game of Thrones as Android ransomware infects TVs

Researchers at Trend Micro have spotted a new variant of ransomware code that can be used to lock down Android-powered smartphones and televisions. The FLocker (short for the Frantic Locker) malware has been in circulation since at least April 2015 and has concentrated on locking down smartphone handsets running the latest …
Iain Thomson, 13 Jun 2016

Microsoft warns of worm ransomware, finds fix in Windows 10 upgrade

Microsoft is warning of a wormable ransomware that infects removable drives on versions of its operating system below Windows 10. The ZCrypt scumware is distributed through old but effective methods of phishing emails, Word document macros, and fake Adobe Flash installers. It drops a warning notice in a HTML file informing …
Darren Pauli, 01 Jun 2016

Infosec freeloaders not welcome as malware silo VirusTotal gets tough

Security firms that use the Google-owned VirusTotal malware database but don't contribute to the silo are going to find themselves out on a limb. For the past 12 years, researchers have been feeding samples of software nasties into VirusTotal, allowing antivirus engines to check they can detect malicious code. But the site has …
Iain Thomson, 09 May 2016

How to evade the NSA: OpSec guide for journalists also used by terrorists

Privacy guides meant for journalists are being re-purposed by terrorist groups, Trend Micro researchers say. The guides are designed to help hacks avoid surveillance by nation-states and well-resourced adversaries focusing on encryption, operational security, recommended and untrusted platforms. It is one finding of dozens …
Darren Pauli, 04 May 2016

Adobe scrambles to untangle itself from QuickTime after Apple throws it over a cliff

Apple has finally informed its customers that it is no longer supporting QuickTime for Windows. Adobe, whose code is intertwined with QuickTime, is having to do a rapid reworking of its software to avoid putting users at risk. Last week, Trend Micro went public with the news that Apple had dumped support for QuickTime for Windows …
Iain Thomson, 22 Apr 2016

US-CERT advice says kill Quicktime for Windows, quickly

US-CERT has echoed The Register's advice to the effect that if you're running Quicktime for Windows, it's time to delete it. Right now. The United States' Department of Homeland Security's Computer Emergency Response Team's advice comes after Apple took Quicktime for Windows for its long drive down a country road. As noted by …

Uninstall QuickTime for Windows: Apple will not patch its security bugs

RIP QuickTime for Windows. Apple is "deprecating support" for the application, and will no longer patch security flaws in the software. The iGiant is also quietly advising users to uninstall the media player from their Windows machines to avoid being hacked. Word of the end of support comes from infosec biz Trend Micro. It …
Iain Thomson, 14 Apr 2016

Dear Windows, OS X folks: Update Flash now. Or kill it. Killing it works

Adobe has published new versions of Flash to patch a vulnerability being exploited right now by hackers to hijack PCs and Macs. The APSB16-10 update addresses a total of 24 CVE-listed flaws, including one (CVE-2016-1019) that's been exploited in the wild to inject malware into Microsoft Windows and Apple OS X systems. Users …
Shaun Nichols, 08 Apr 2016

Megabreach: 55 MILLION voters' details leaked in Philippines

A massive data breach appears to have left 55 million Philippine voters at much greater risk of identity fraud and more. Security researchers warn that the entire database of the Philippines’ Commission on Elections (COMELEC) has been exposed in what appears to be the biggest government related data breach in history. The …
John Leyden, 07 Apr 2016

Patch out for 'ridiculous' Trend Micro command execution vuln

A bug in its software meant that Trend Micro accidentally left a remote debugging server running on customer machines. The flaw, discovered by Google’s Project Zero researcher Tavis Ormandy, opened the door to command execution of vulnerable systems (running either Trend Micro Maximum Security, Trend Micro Premium Security or …
John Leyden, 31 Mar 2016

Hackers crack OS X, Windows, web browsers' security to net $460,000

Pwn2Own: Researchers pulled off multiple OS X, Windows and web browser exploits at the latest Pwn2Own competition. White hat hackers earned $460,000 in prizes for finding and exploiting 21 security vulnerabilities in widely used software. Details of the flaws were privately shared with vendors so that their code can be fixed and …
John Leyden, 18 Mar 2016

Quadsys Five enter 'not guilty' pleas to Crown court charges

The fraud case against five men from security reseller Quadsys will go to trial in September after they pleaded not guilty to allegations of hacking into a rival’s database to plunder customer and pricing data. The individuals charged include MD Paul Cox, owner Paul Streeter, director Alistair Barnard, account manager Steve …
Paul Kunert, 18 Mar 2016

Your unpatchable, insecure Android mobe will feel right at home in the Internet of Stuff era

If you've got a Qualcomm Snapdragon chip in your Android phone and tablet, make sure you grab its latest security updates – if you can. And if you can't, well, get used to it: the Internet of Things is going to bring more and more un-patchable and insecure electronics onto the market, it's feared. Researchers at Trend Micro …
Iain Thomson, 16 Mar 2016

Millions menaced as ransomware-smuggling ads pollute top websites

Top-flight US online publishers are serving up adverts that attempt to install ransomware and other malware on victims' PCs. Websites visited by millions of people daily – msn.com, nytimes.com, aol.com, nfl.com, theweathernetwork.com, thehill.com, zerohedge.com and more – are accidentally pushing out booby-trapped adverts via …
John Leyden, 15 Mar 2016

Cyber-crooks now prefer ransomware to botnets. Yep, firms are paying up

File-encrypting ransomware has eclipsed botnets to become the main threat to enterprises, according to Trend Micro. During the fourth quarter of 2015, 83 per cent of all data extortion attacks were made with the use of crypto-ransomware. CryptoWall topped the list of 2015’s most notorious ransomware families, with a 31 per …
John Leyden, 09 Mar 2016

Phew! No evidence found for global criminal hacker conspiracy

Trend Micro security bods have 'capped' their epic research efforts to catalogue the world's regional cybercrime undergrounds. The mammoth effort saw researchers crawl through criminal forums in five countries, documenting the nuances of each as they went. The security outfit's forward-looking threat research team detail the …
Darren Pauli, 02 Mar 2016

BlackEnergy trojan also hit Ukrainian mining firm and railway operator

Security researchers have linked attacks against Ukrainian power utilities in Dec 2015, which used the BlackEnergy trojan, to similar attacks against a mining company and a large railway operator in Ukraine. The new research, by Kyle Wilhoit of Trend Micro, casts fresh light on what’s arguably the most significant malware- …
John Leyden, 15 Feb 2016

Google ninjas go public with security holes in Malwarebytes antivirus

Malwarebytes is rushing to plug security flaws in its software that allow miscreants to sling malware at its customers. The antivirus firm says it has addressed server-side vulnerabilities that were reported by Google Project Zero researcher Tavis Ormandy in November. However, security holes remain in the client-side software …
John Leyden, 02 Feb 2016

Afraid of getting your iThing pwned? Get yourself iOS 9.2.1

Apple has posted an update for iOS, including patches for 13 CVE-listed security flaws. The Cupertino giant said that the iOS 9.2.1 update bundles the security fixes with a patch for a bug in the Apple Mobile Device manager that had prevented some iOS devices from installing apps. Note that this update will not fix the weird …
Shaun Nichols, 19 Jan 2016

Brazilian whacks: as economy tanks, cyber-crooks samba

Brazil's economy may be hurtling towards recession but its online criminal underground is booming with wannabe hackers and carders racing to get a cut, research finds. Trend Micro's work is the latest in a series of papers it has published in recent months that examine regional online crime economies including North America, …
Darren Pauli, 13 Jan 2016

Trend Micro AV gave any website command-line access to Windows PCs

Updated: PCs running Trend Micro's Windows antivirus can be hijacked, infected with malware, or wiped clean by any website, thanks to a vulnerability in the security software. The design blunders in the consumer build of Trend's AV were discovered by Google Project Zero bod Tavis Ormandy. A patch is now available to address the remote- …
Iain Thomson, 11 Jan 2016

Trend Micro: Internet scum grab Let's Encrypt certs to shield malware

Updated: It was inevitable. Trend Micro says it has spotted crooks abusing the free Let's Encrypt certificate system to smuggle malware onto computers. The security biz's fraud bod Joseph Chen noticed the caper on December 21. Folks in Japan visited a website that served up malware over encrypted HTTPS using a Let's Encrypt-issued cert …

Oracle ordered to admit on its website that it lost the plot on Java security

Oracle bungled the security updates of its Java SE software so badly it must publish a groveling letter prominently on its website for the next two years. After gobbling up Java along with Sun in 2010, Oracle's software updates for Java SE would only affect the latest version installed. If you had multiple versions of Java SE …
Chris Williams, 22 Dec 2015