Anti-Malware
Sat, 31 Oct 09
Trick or Threat?
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/-jv4PFxTUGg/
The month of October in the threat landscape is often associated with scary social engineering tactics in time for Halloween. As in years past, the threats that lurk in and plague the current threat landscape are real. Most of them can cause irreparable damage, often resulting in information, or worse, identity theft as shown in [...]
Sat, 31 Oct 09
This Halloween, Enjoy the Treats but Be Wary of Online Tricks
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/pgcLtTLgrXM/
We often associate Halloween with pumpkins and costumes but for cybercriminals it’s merely another avenue to exploit, steal, and trick users into giving away their personal identities. Treats are fun but we all need to be on the lookout for the sneaky and tricky ways cybercriminals slither into our computers. Below are the TrendLabs top 7 [...]
Fri, 30 Oct 09
Social Engineering Watch: Spam Leads to Canadian Pharmacy Sites
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/6xFTYX4Jjc8/
Trend Micro researchers found over 200 email samples that spamvertised male sexual enhancement pills. These bore subjects like “Re: Go wild in bedroom,” “Re: Let your lever straight up,” and “Re: Be her concrete-rod satisfier” and contain a URL that points to all-too-familiar Canadian pharmacy websites. While spammed messages that lead to Canadian pharma sites are not [...]
Fri, 30 Oct 09
Taiwan: Spear Phishers Target Gmail Users
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/aY-u_pxTlcw/
Trend Micro threat analysts found several phishing sites registered in China that target specific people or companies. The said email can customize phishing URLs using the names of intended recipients via a technique called “spear phishing.” Spear phishing has been used by cybercriminals before in attacks that involved specific targets. In the previous post, “So Is It Twitter or [...]
Thu, 29 Oct 09
Fake Facebook Password Notification Leads to Malware
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/JCGiVQmqzfA/
A new spam campaign that purports to be from Facebook is making rounds today. It bears the subject, “Facebook Password Reset Confirmation,” and informs users that their passwords have been changed for security purposes. It then asks them to open the attached .ZIP file that supposedly contains their new passwords, which in actual fact is [...]
Wed, 28 Oct 09
FDIC Spam Points to Info Stealer
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/iE1vnRsvI8s/
Trend Micro researchers recently found spam emails fashioned to come from Federal Insurance Deposit Corporation (FDIC). The email message informs users that they should visit the “official” FDIC’s website (provided in the email) to check their Deposit Insurance Coverage. However, clicking the URL leads users to a fake FDIC website where they are asked to download [...]
Tue, 27 Oct 09
IPv6 Tunneling Protocols: Good for Adoption, Not So Hot for Security
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/5tKT7T4qgzs/
Have you ever noticed how security often takes a backseat when trying something new? When I am trying a protocol out for the first time, I barely skim the Security Considerations section of the RFC. Just the same, as more of us start experimenting with IPv6, the use of tunneling protocols is likely to [...]
Sun, 25 Oct 09
Spoofed Contract Carries Malware
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Ta0koxZeTfo/
Trend Micro researchers found spammed messages with a ZIP file attachment that contains malware. It bears the subject, “Contract of Settlements” and purports to come from LSM Company. It informs users to open and check the attached file that holds a contract, which in actual fact is an executable file (contract_1.exe) detected by Trend Micro [...]
Sat, 24 Oct 09
FAKEAV Goes Open Source… Or Not?
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/S4XKOMzcG5g/
In the recent FAKEAV spam campaign, I realized something was off. Once the user clicks the URL and gets the bogus Antivirus 2010 up and running on the system, additional files are added. The files I found added are related to ClamAV, the open source AV toolkit for UNIX. The files include the ClamAV virus [...]
Sat, 24 Oct 09
Windows 7? No Problem for Trend Micro Users
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/cVJvjtEbpAI/
Microsoft’s new OS, Windows 7, was made available to the general public earlier today. To say that this was eagerly anticipated is an understatement, however, as in the United Kingdom, pre-orders on Amazon for copies exceeded both the last book of the Harry Potter series as well as the Nintendo Wii. This made it the biggest grossing pre-ordered item [...]
Thu, 22 Oct 09
FAKEAV Uses Conficker Worm as Bait
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/h73Rc9vgwzc/
Very recently, cybercriminals have found another avenue to lure victims into their trap by using Microsoft as bait. A screen shot of one such campaign is shown in Figure 1 below. The email asks the recipient to download and install the attached .zip file (shown in Figure 2) which is actually a malicious file which purports [...]
Tue, 20 Oct 09
MJ’s “This Is It” Premiere Triggers Spam Attacks
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/4R9-qQJfE-4/
A day before Michael Jackson’s new song, “This Is It,” was slated to premiere on michaeljackson.com on October 12, a spam run promoting a 45-second preview on YouTube already made the rounds. The email below, purporting to be from CNN.com was spammed to users in an effort to trick them into clicking the link to watch [...]
Sun, 18 Oct 09
9/11 Pentagon Conspiracy Theory Spam Leads to Malware
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/yjj1WFEjP9s/
Major events, especially tragic ones, are usually followed with people asking the question, “Why did this happen?” Such events affect a lot of people in different ways, and that it is hard for us to dismiss that there is no valid reason as to why they occurred. The September 11 terrorist attack on the United States [...]
Sat, 17 Oct 09
Zbot Spam Campaign Continues
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/lsURxzS8rm8/
A slightly modified Zbot spam campaign currently making rounds pretends to come from the IT support of various companies. It informs users that a security update in the mailing service caused changes in their mailbox settings. They are instructed to open the ZIP attachment and run the .EXE file, INSTALL.EXE to supposedly apply the changes. [...]
Fri, 16 Oct 09
ASProx Resurfaces with a Mass Compromise in Tow
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/lK2S-gvdHVA/
A specially crafted .PDF file, detected by Trend Micro as TROJ_PIDIEF.ASP, was recently found to have infected several Indian, Thai, and New Zealand websites. The Trojan takes advantage of critical vulnerabilities in Adobe Reader 9.1.3 and Acrobat 9.1.3; Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh, and UNIX; and Adobe Reader 7.1.3 and Acrobat 7.1.3 [...]
Thu, 15 Oct 09
Microsoft Releases 13 Security Updates for October Patch Tuesday
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/FmKarPc2yBA/
The solution for the vulnerability that was left unpatched during last month’s patch cycle was included in the recently released security advisory, along with a dozen other vulnerability reports. Of the 13 security vulnerabilities fixed today, 8 vulnerabilities were marked “critical” while the other 5 were marked “important.” This month’s release covered a wide range of [...]
Thu, 15 Oct 09
Tailor-Made ZBOT Spam Campaign Targets Various Companies
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/jJEpchNu5jE/
Trend Micro threat analysts were recently alerted to a phishing attempt targeting random employees of several companies. The email posed as a notification from the company’s “system administrator,” reminding the employee to update his/her system’s software due to a recent server software upgrade. The spammed email, like other phishing emails, contained a URL that led [...]
Sat, 10 Oct 09
New Adobe Zero-Day Exploit
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/WwX3pBtsqSo/
Trend Micro threat analysts were alerted to the discovery of a zero-day exploit that affects Adobe Reader and Acrobat 9.1.3 and earlier versions (CVE-2009-3459). Trend Micro detects this as TROJ_PIDIEF.UO. This .PDF file contains an embedded JavaScript, which Trend Micro detects as JS_AGENTT.DT. This JavaScript is used to execute arbitrary code in a technique known [...]
Sat, 10 Oct 09
Even smart people make mistakes
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/DwyF2OH-Zuk/
Anybody want to know Trend Micro’s top secret internal strategic plans for our upcoming projects? How about our financial returns for the next quarter? Well sorry, obviously we are not going to give that sort of information out publicly – we’d need to be crazy to do something like that.… On the other hand if you [...]
Thu, 8 Oct 09
8 Things You Probably Didn’t Know About KOOBFACE
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/I2k7XIGvKRs/
You’ve probably read or heard about KOOBFACE malware propagating through social network sites such as Facebook, MySpace and Twitter. A lot of analysis is available online through blogs or malware descriptions. But I bet most of you probably still don’t know some or all of these things about KOOBFACE… KOOBFACE knows: KOOBFACE has the capability to [...]
Thu, 8 Oct 09
‘What The Experts Still Don’t Know’ – The Thriving Cyber Crime Underground
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/qrG7QjIHNDs/
I was prompted into crafting this post by a Scientific American blog post which stated that many experts in various scientific studies are sometimes “blinded” by — in fact — their focused studies of a particular subject, missing some of the finer aspects of the larger picture, so to speak. This reminds me of the many [...]
Thu, 8 Oct 09
File Infector Takes Infection Up a Notch
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/0DxIeuCTl5c/
Trend Micro threat analysts were alerted to the discovery of a not-so-common file infector. Unlike usual file infectors that only do simple modifications to the files they infect, PE_XPAJ.A does complex modifications to hide its malicious code. Though it shares some characteristics with other PE variants, it is considered more than the average file infector. For [...]
Thu, 8 Oct 09
National Cybersecurity Awareness Month Calls People to Action
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/R7kNooz7b1U/
US President Barack Obama officially declared October as the National Cybersecurity Awareness Month. Now in its sixth year, the said campaign promotes increased awareness with its theme, “Our Shared Responsibility.” It also calls for everyone to do their fair share in securing the nation’s digital infrastructure. Furthermore, it stressed the need for people [...]
Wed, 7 Oct 09
Windows Live Hotmail User Information Leaked
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/CDJHsY8QLhM/
A quick heads-up to all users of Microsoft’s Windows Live Hotmail email service: a list of at least 10,000 user names (and the corresponding passwords) of the second-largest email service after Yahoo has been leaked online. The list first appeared on the Pastebin website, which is normally used by programmers to share source code. Microsoft has [...]
Sat, 3 Oct 09
Cooked Balance Sheets, BEBLOH Style
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/AGQP5ZN1HS4/
Trend Micro analysts have come across a new variant of the BEBLOH family of information stealers that goes well beyond the traditional tactic of logging keystrokes and sending it to another server for exploitation. Instead, this particular variant steals user information, uses it right away, and cleverly disguises it from users. This particular variant, detected as [...]
Fri, 2 Oct 09
How Web 2.0 Can Save Lives
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Wv2iXPqIdB8/
Typhoon Ketsana is currently leaving a trail of destruction, first in the Philippines, and now in Vietnam. Amidst the disaster, we see a glimmer of hope, one where netizens actively participate to make a difference, empowered by the social Web. Citizen Journalism In the Philippines, residents with camera phones began taking pictures and videos of events as [...]
