May 7, 2010 - TrendLabs SM engineers recently discovered an interesting Shockwave Flash (.SWF) file that displays an image and downloads a worm with code capable of initiating a denial-of-service (DoS) attack. The file detected as SWF_PALEVO.KK is hosted on a malicious site and runs (continue reading...) Read more
May 5, 2010 - May 9 is Mothers’ Day for most countries all over the world. As a perfect gift on this particular holiday, spammers decided to honor mothers by spamming e-cards from supposedly legitimate greeting card companies to distribute their malicious wares. Figure (continue reading...) Read more
May 4, 2010 - May 4, 2000 hit the world with what was then the biggest ever computer virus. It was important that this, along with all other email viruses, was right out in the open, visible to everyone. Each user could see the email (continue reading...) Read more
May 4, 2010 - A few days ago, TrendLabsSM engineers received spam containing salad words (see Figure 1) along with a .ZIP file attachment (see Figure 2). This mixture of random words can be seen in the subject header and in the spam body. (continue reading...) Read more
April 30, 2010 - TrendLabsSM security researchers recently noted an increase in the volume of spammed messages posing as newsletters from Amazon. These email messages even sported a supposed Amazon email address, {BLOCKED}ers@amazon.com, to make them look more credible. (continue reading...) Read more
April 29, 2010 - Beware, Twitter enthusiasts! Spam posing as Twitter email notifications are currently proliferating in the wild. The spam are of two types—the first type attempts to steal personal information or login credentials while the second attempts to infect systems with malware. A (continue reading...) Read more
April 28, 2010 - .PDF files—or their inherent features—have been used by cybercriminals in some of the most noteworthy attacks we have encountered. Modified versions of this file type have been especially notorious these past few months since (continue reading...) Read more
April 27, 2010 - ZeuS/ZBOT is best known for its information-stealing routines via the use of configuration files downloaded from their home sites. They are created using toolkits that allow remote control of the malware. Getting them (continue reading...) Read more
April 27, 2010 - TrendLabsSM received reports of a suspicious email claiming to be an IT notification. It informs users that their mailbox settings have been changed. This email has a .PDF attachment that supposedly contains instructions that the users need to read before (continue reading...) Read more
April 26, 2010 - TrendLabsSM recently spotted a phishing site that specifically targets Public Bank of Malaysia’s clients. Public Bank is one of Malaysia’s leading financial institutions that operate in other parts of Asia as well, including Hong Kong, China, and Cambodia. The phishing page (continue reading...) Read more
April 26, 2010 - The ZeuS/ZBOT botnet has been entrenched in the cybercrime business for a long time now and has continuously evolved and improved. Given the vast number of toolkit versions readily available in the underground, the (continue reading...) Read more
April 22, 2010 - We regularly blog about how cybercriminals misuse newsworthy events in order to gain profit for themselves. In the past 24 hours, TrendLabsSM has tracked multiple FAKEAV attacks that try and trick users searching for help following the recent McAfee update 5958 incident. This (continue reading...) Read more
April 22, 2010 - The KOOBFACE FTP grabber component, which is a variant of the LDPINCH Trojan family, usually drops stolen FTP user names and passwords to a remote server controlled by the KOOBFACE gang. This remote server, located in Hong (continue reading...) Read more
April 20, 2010 - The ZeuS/ZBOT malware continues to uphold its notorious reputation. As we have seen in the past, ZBOT variants steal account credentials when users visit various social networking, online shopping, and bank-related websites. Another social engineering tactic that has been (continue reading...) Read more
April 19, 2010 - Intego discovered a new OS X malware last week. Based on its report, however, this new malware is a variant of an early Mac OS X malware that was first seen in 2004. It was reported that cybercriminals have (continue reading...) Read more
April 19, 2010 - Cybercriminals employ different but complementary techniques when it comes to propagating FAKEAV. Ultimately, however, their goal is to entice users to click malicious links that led to the download of different FAKEAV variants. (continue reading...) Read more
April 14, 2010 - News of a new botnet has been circulating recently in the threat landscape. According to reports, several systems have been infected by TROJ_DLOADE.ATJ, which has been built to (continue reading...) Read more
April 14, 2010 - Following Microsoft’s recent Patch Tuesday, Oracle, too, released 47 security fixes for its products. Oracle’s critical patch update for April can be found in Oracle Critical Patch Update Advisory—April 2010. Oracle’s update is a collection of patches for multiple security (continue reading...) Read more
April 14, 2010 - TrendLabsSM recently encountered a phishing email specifically targeting Standard Chartered Bank clients. The spammed message instructs recipients to log in to their online accounts and to visit the Secure Messages section to read a specific message. The email body includes an embedded (continue reading...) Read more
April 13, 2010 - Regular Release for Microsoft This April April 13 is here and for Windows users, this means it is Patch Tuesday. According to the advance notification from Microsoft almost a week ago, the company will be releasing (continue reading...) Read more