Malicious ads and zero-day flaws: Reemerging threats challenge trust in supply chains and best practices
The biggest security gaps are the ones often overlooked. At the start of the year, users were subjected to malvertisements with zero-day exploits, expanded ransomware targets, and macro malware attacks on MS Office documents. All of these are reemerging threats begging for concrete security actions that leave no room for error. Find out more from the TrendLabs 1Q 2015 Security Roundup.
A year of destructive cyber attacks highlights the need for cyber-preparedness
The year 2014 was rife with mega breaches, hard-to-patch vulnerabilities, thriving cybercriminal underground economies, and a number of large-scale incidents. Faced with these growing threats, organizations need to plan ahead and be ready to take action instantly. Learn more from 2014 TrendLabs annual security roundup.
TrendLabs 3Q 2014 Security Roundup: Vulnerabilities Under Attack
Oft-overlooked vulnerabilities in widely used software and devices surfaced in the third quarter of 2014, highlighting the importance of solid security. Shellshock and a Netis router vulnerability proved that attackers don't discriminate when it comes to targets. However, these are just two of the biggest threats that hit users in the past three months. Find out what other threats reared their ugly heads.
The Invisible Becomes Visible: Trend Micro Security Predictions for 2015 and Beyond
As security vendors and law enforcement agencies close in on attackers, the more darknets, unreported but big vulnerabilities across platforms and devices, and the Deep Web will figure in the threat landscape.
TrendLabs 2Q 2014 Security Roundup: Turning the Tables on Cyber Attacks
Recent events such as data breaches in the first half of 2014 strongly indicate that organizations need to start adopting a more strategic approach to protect digital information. This strategy includes protecting sensitive data such as intellectual property and trade secrets—often the crown jewels of any organization.
TrendLabs 1Q 2014 Security Roundup: Cybercrime Hits the Unexpected
At the end of 2013, we realized that digital heists pushed stick-’em-up bank heists to the curb. While this holds true amid large data breach incidents and rampant cybercrime, the first quarter of 2014 also showed that today’s cybercriminals are aiming at previously nontargeted entities to carry out malicious deeds. Proof of these include the US$480-million digital heist Bitcoin exchange, MtGox, suffered from and recent attacks against large retailers via point-of-sale (PoS) terminals. These high-profile crimes targeted unexpected information sources even if attackers went after the same thing—money, used the same techniques despite more strategic planning, and were motivated by greed.
Targeted attacks refer to a category of threats that pertain to intrusions by threat actors or attackers. Attackers aggressively pursue and compromise chosen targets in order to steal sensitive information. Targeted attacks are not one-off attacks; rather, they comprise a series of attempts over time to get deeper and deeper into a target network.
Trend Micro co-sponsored an extensive security survey of enterprise accounts in North America and Europe. Conducted by CyberEdge Group, LLC, a premier research and marketing firm, the survey examines the current and planned deployment countermeasures for establishing effective cyber defenses. The report will reveal significant findings from the survey and is intended to provide IT security decision makers with a better understanding of how their perceptions, concerns, priorities, and – most importantly – current defensive postures stack up against those of other IT security professionals and organizations.
TrendLabs Annual 2013 Security Roundup: Cashing in on Digital Information
Good old-fashioned stick-’em-up bank heists have seemingly been pushed to the curb by digital heists in 2013. Cybercriminals who used sophisticated techniques to get hold of credit card numbers, bank accounts, and even personally identifiable information (PII) in a matter of minutes have taken the place of traditional thieves. Information is, after all, the new currency. And with it on hand, cybercriminals can hold victims at their mercy, which should make us all realize that we stand to lose more than we think.
Blurring Boundaries: Trend Micro Predictions for 2014 and Beyond
Cybercriminals and attackers will use mobile devices as well as reliable exploits to gain entry to systems. While “wearable” technologies start to gain traction, attacks to these technologies/devices will be minimal and will only be for research. Businesses and end-users alike will have to battle threats to mobile banking, as well as ensuring that their online privacy is intact.
TrendLabs 3Q 2013 Security Roundup: The Invisible Web Unmasked
News about cybercrime circulated in recent months. The takedown of Liberty Reserve, an illegal digital currency system, and the recent seizure of the online black market, Silk Road, were among the many incidents this quarter that triggered greater public awareness of online threats. The arrest of the alleged Blackhole Exploit Kit creator in October also proved that cybercrime is indeed a business that thrives right under our noses.
TrendLabs 2Q 2013 Security Roundup: Mobile Threats Go Full Throttle: Device Flaws Lead to Risky Trail
The TrendLabs 2012 Annual Security Roundup showed that the past year ushered in the post-PC era as cybercriminals embraced mobile malware use. Mobile malware remained a big problem for users this quarter though the main concern went beyond their sheer number. The discovery of OBAD malware and the “master key” vulnerability highlighted cybercriminals’ ability to find ways to exploit flaws in the Android™ ecosystem. We noted that these incidents were designed to bypass security measures and serve as other means for cybercriminals to gain control over devices.
TrendLabs 1Q 2013 Security Roundup: Zero-Days Hit Users Hard at the Start of the Year
While exploits and vulnerabilities are a common problem for users, zero-day exploits in high-profile applications are relatively rare. That was not the case in the first quarter of 2013. Multiple zero-day exploits were found targeting popular applications like Java and Adobe Flash Player, Acrobat, and Reader.
In addition, as predicted, we saw improvements in already-known threats like spam botnets, banking Trojans, and readily available exploit kits.
Other high-profile incidents include the South Korean cyber attacks in March, which reiterated the dangers targeted attacks pose. On the mobile front, fake versions of popular apps remained a problem though phishers found a new target in the form of mobile browsers.
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
Experts have been predicting the coming “post-PC” era for a few years. So the question has been, “when will we know that it’s really here?” A simple answer is, we’ll know it’s really here when cybercriminals move beyond the PC. By that measure, 2012 is truly the year we entered the post-PC era as cybercriminals moved to embrace Android, social media platforms, and even Macs with their attacks.
TrendLabs 2012 Mobile Threat and Security Roundup: Repeating History
Android seems to be repeating history by way of Windows. The platform’s growing dominance in the mobile landscape echoes that of Windows in the desktop and laptop space. And much like Windows, Android’s popularity is making it a prime target for cybercriminals and attackers, albeit at a much faster pace.