Security issues such as the Heartbleed bug and a number of huge data breaches were the main attractions of the second quarter of 2014. Targeted industries and security companies responded in varying fashion, all in the name of protecting end-users.
Domain Generation Algorithm (DGA) is used by most malware to mask C&C activities. ZeuS/ZBOT variants of Gameover has upped the ante by employing a different DGA technique that makes detection more difficult.
Like a thousand ways to skin a cat, there are a number of ways malware avoid detection. POWELIKS malware, for example, hides in the Windows registry. Trend Micro analyzes its behavior and makes sure that customers are safe from this malware.
Cryptoblocker is seen spreading in the US, France, and Japan, among other countries. New ransomware variants, on the other hand, are cropping up in the wild. Trend Micro investigates these malware further.
By targeting session tokens sent via SMS in an elaborate fashion, a cybercriminal gang is able to intercept two-factor authentication and get your banking credentials. This attack is dubbed Operation Emmental.
Repackaged apps use lures such as using a legitimate/popular app's icon or name. This method allows these malicious apps to thrive in app stores other than Google Play. Trend Micro research shows that repackaged apps are crucial in proliferation of mobile malw