Category: Anti-Malware

anti-Malware

by David Sancho and Fernando Merces For a while now, Trend Micro has focused its efforts on covering ATM malware, especially new families that come up with features that stealthily target banking customers. In this blog post, we’re going to cover two...

/ December 14, 2017

It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. With that said, there were still a few notable vulnerabilities that were addressed. Perhaps the...

/ December 13, 2017

by Daniel Lunghi, Jaromir Horejsi, and Cedric Pernet Patchwork (also known as Dropping Elephant) is a cyberespionage group known for targeting diplomatic and government agencies that has since added businesses to their list of targets. Patchwork’s moniker is from its...

/ December 11, 2017

The banking trojan known as DOWNAD (Detected by Trend Micro as DOWNAD family) first appeared back in 2008, where it managed to be one of the most destructive malware at the time, infecting up to 9  million computers and gaining...

/ December 7, 2017

Just a few days ago, the notorious Internet of Things (IoT) botnet known as Mirai (detected by Trend Micro as ELF_MIRAI family) was detected as being active in a new campaign targeting Argentina, when red flags were raised after an...

/ December 1, 2017

Many Linux distributions are at risk due to a recently disclosed flaw in systemd: a flaw in its DNS resolver could cause a denial-of-service attack on vulnerable systems. The vulnerability is exploited by having the vulnerable system send a DNS query...

/ November 23, 2017

by Vít Šembera (Threat Researcher) Intel recently released a security advisory detailing several security flaws in its Management Engine (ME). The advisory provides critical ME, Trusted Execution Technology (TXT), and Server Platform Services (SPS) firmware updates for versions 8.X-11.X covering multiple...

/ November 22, 2017

by Jaromir Horejsi (Threat Researcher) We encountered a few interesting samples of a file-encoding ransomware variant implemented entirely in VBA macros called qkG (detected by Trend Micro as RANSOM_CRYPTOQKG.A). It’s a classic macro malware infecting Microsoft Word’s Normal template (normal.dot...

/ November 22, 2017

October’s macOS security update contained a fix for a vulnerability that Trend Micro privately disclosed to Apple earlier this year. The vulnerability (designated as CVE-2017-13811), was in the fsck_msdos system tool. This tool checks for and fixes errors in devices formatted with the FAT...

/ November 21, 2017

by Ronnie Giagone, Lenart Bermejo, and Fyodor Yarochkin The waves of backdoor-laden spam emails we observed during June and July that targeted Russian-speaking businesses were part of bigger campaigns. The culprit appears to be the Cobalt group, based on the...

/ November 20, 2017