April 14, 2009 - Normally, cybercriminals tend to be an anonymous lot. However, over the weekend we encountered a malware attack on Twitter which, if the named author is to be believed, was conceived out of boredom. There are many (continue reading...)
April 12, 2009 - Easter, like any other holiday, will not pass without cyber criminals attempting to exploit the occasion for their own malicious operations. Trend Micro Advanced Threats Researcher Paul Ferguson discovered websites that seem to be related (continue reading...)
April 9, 2009 - Cyber criminals have now updated their PDF exploits to include the getIcon() vulnerability (CVE-2009-0927). We currently detect this as TROJ_PIDIEF.OE. As usual, we highly encourage users to update now to the latest versions of Adobe (continue reading...)
April 8, 2009 - Days after the April 1st activation date of Conficker, nothing interesting has been seen so far in our Downad/Conficker monitoring system except the continuous checking of dates and times via Internet sites, checking of updates via HTTP, and the increasing (continue reading...)
April 8, 2009 - A new MS08-067 exploit silently made its entrance as the rest of the world was keeping watch on DOWNAD’s next step last week. In what seems to be a case of “old worm with new tricks,” (continue reading...)
April 7, 2009 - As usual, the approaching tax season (April 15th is Tax Day in the US) also comes with tax-related online threats. With unemployment rates reaching record highs this year, cybercriminals have yet another opportunity to polish their social engineering techniques. Last year, (continue reading...)
April 4, 2009 - Yes, we didn’t want to hear any more about this either, but this is actually interesting. In the process of investigating the WORM_DOWNAD.KK peer-to-peer (P2P) protocol communications, Trend Micro threat researchers have discovered (continue reading...)
April 3, 2009 - Visualizations can often show researchers details that would otherwise take hours of staring at raw data to find. WORM_DOWNAD.KK has plenty to show us if we look in the right places. This post focuses on the various P2P channels. The first (continue reading...)
April 3, 2009 - A new 0-day malware leveraging a vulnerability found in Microsoft PowerPoint is making the rounds. Distributed as attachments to spam messages, specially crafted PowerPoint files are used for exploitation, which would grant cybercriminals access into the affected (continue reading...)
April 2, 2009 - If you have been swamped lately by email offering unlimited image hosting services at a certain site such as the one below, blame Waledac for that. [Figure 1. Image hosting spam] Worth noting also is that this particular image (continue reading...)
April 2, 2009 - All around the world, April 1st has already passed. The DOWNAD/Conficker April 1st hype has kept most, if not all, of us in the security industry and in the (continue reading...)
April 2, 2009 - The Trend Micro Content Security team recently discovered a Cable Cable Inc. domain hosting a Walmart phishing survey. Cable Cable Inc. is a television, Web, and phone service provider based in Canada. Walmart, of course, is the chain of discount (continue reading...)
April 1, 2009 - While the computing population is secretly expecting fireworks once DOWNAD-infected PCs start accessing some of its 50,000 generated URLs, we at Trend Micro know that cybercrime operates in almost absolute stealth. Preaching this alongside best practices like immediately (continue reading...)
March 30, 2009 - Much has been said about the DOWNAD worm (a.k.a. Conficker) and its enigmatic payload that will supposedly be unleashed on April 1st. There are two days to go until the moment of truth and the hype isn’t expected to die (continue reading...)
March 29, 2009 - Malware targeting machines running Mac OS is quickly becoming quite common, with new variants appearing on a seemingly monthly basis. Just last week, our friends at Intego reported a new variant of the RSPLUG (continue reading...)
March 27, 2009 - The Trend Micro Content Security team discovered spoofed email messages that pretend to be from Delta Airlines. The fake email message contains a confirmation number for a supposed ticket purchase and a ZIP file. Recipients are told that this said file (continue reading...)
March 24, 2009 - The misuse of legitimate services continues: after recent reports of cybercriminals exploiting the redirecting service TinyURL to slip past spam filters, legitimate e-card services are now being used. We have received email samples that arrive as e-cards with the (continue reading...)
March 24, 2009 - How much is your data worth? A great deal, perhaps, for most of us. Naturally, cybercriminals keep coming up with new ways to exploit this. The new attack? Taking a page out of offline criminal syndicates, now your data is (continue reading...)
March 24, 2009 - Mobile technology is mainstream now. Just as radio, television and desktop computers have become integral parts of the normal household, mobile devices such as cellphones, MP3 players and laptops have also become essential tools in (continue reading...)
March 20, 2009 - Aside from spamming our mailboxes with dire news of bombings in our local cities, WALEDAC is also very busy filling our mailboxes with more unwanted emails. This time, peddling various pills, meds, and male enhancements. Here’s a gallery of pharma (continue reading...)