TrendLabs | Malware Blog - by Trend Micro
TrendLabs Malware Blog - Hottest news about worms, viruses, trojans, adware and other internet threats by Trend Micro.
-
‘Dating Spam’
Amid the usual threats brought by the upcoming holidays, an odd increase has been noticed in the number of spam ploys that are, oddly enough, not even related to this yuletide season.
It is “dating spam” using one of the most common techniques there is: the same contents in plain text inviting the recipient [...]
-
Scammers Evade Spam Filters by using Email ‘From’ Fields
Scam messages that purport to be from banks, government institutions, or even from certain individuals circulate the Web. Email messages where recipients are told that they have won a prize or are asked for donations would already be familiar to most Web users. Scammers, however, show no signs of slowing down using this technique.
The Trend [...]
-
Microsoft to Release Out-of-Band Patch for IE Bug
For the second month in a row, Microsoft is releasing another out-of-band patch to address the much-exploited zero-day vulnerability in Internet Explorer. The browser bug - a flaw in the data-binding function of IE - prominently featured in the following massive cybercriminal threats:
An online games information-stealing operation that seemed to be targeting Chinese users. Websites [...]
-
With ‘Friends’ Like These…
Everyone who knows anything about the Internet knows it’s all about social networking nowadays. So it really shouldn’t be a surprise that social engineering is actively being exploited by cybercriminals to spread malware.
Spammed email messages supposedly from the social networking website hi5, reported to have 70 million registered members, inform users that they received a friend [...]
-
Spammers Come A-Tweeting
Twitter, having recorded a massive 422% growth in traffic in the span of 12 months, is the current darling of Web 2.0 enthusiasts. The downside: its popularity is now also being taken advantage of for malicious purposes. No surprises there.
Fake profiles are proliferating on the micro-blogging site, initially annoying legitimate users with follower notifications. Such [...]
-
A Word(pad) of Caution
After December’s Patch Tuesday, yet another vulnerability surfaces, this time targeting one of Microsoft’s more usual members: WordPad. Trend Micro detects this vulnerability as TROJ_MCWORDP.A.
The exploit works by using a specially-crafted .DOC, .WRI, or .RTF file to take advantage of the WordPad vulnerability, thereby causing the said application to crash. This crash may then [...]
-
IE Zero-Day Follow-Up: Now Featuring Mass SQL Injections
Malware criminals were quick to pounce on the recently discovered — and still unpatched — zero-day exploit for Internet Explorer and to mount mass SQL injection attacks, Trend Micro researchers have found. Researchers industry-wide have correctly warned that it was only a matter of time before this exploit, which is publicly available, was used for [...]
-
Security in Recession
With the National Bureau of Economic Research in the United States announcing last week that the U.S. has officially been in recession since Dec. 2007, IT budgets are highly likely to be strictly controlled both in the U.S. and in other parts of the world. I had a conversation with a friend over the weekend, [...]
-
Zero-Day IE Flaw Being Actively Exploited
Microsoft’s recent security updates fail to provide protection against a recently discovered zero-day vulnerability, which could provide opportunities for cyber criminals to compromise PCs.
Several websites were found rigged with a malicious JavaScript detected by Trend Micro as JS_DLOAD.MD. This script exploits this zero-day vulnerability in Internet Explorer, through a Heap Spray on SDHTML. It also [...]
-
December Patch Tuesday Summary
This month, Microsoft has released eight security bulletins addressing six critical and two important vulnerabilities.
MS08-070 Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution
MS08-071 Vulnerabilities in GDI Could Allow Remote Code Execution
MS08-072 Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution
MS08-073 Cumulative Security Update for Internet Explorer
MS08-074 Vulnerabilities [...]
-
DNS Changer Malware Evolves - Again
A new DNS changing malware with a twist was recently found by researchers.
A new DNS Changer Trojan uses a new method to poison other hosts on the local subnet by installing a rogue Dynamic Host Configuration Protocol (DHCP) server on the network.
DHCP is a protocol used to disseminate required information to network clients in order to [...]
-
Cyber Criminals Target Firefox Users
The competition for dominance among Web browsers continues to escalate, and this point is not lost on cyber criminals who are always on the lookout for any possible method to infect more victims in order to achieve their goals.
Trend Micro has received reports that Mozilla Firefox has recently been targeted by malware we detect as [...]
-
Most Abused Infection Vector
We gathered malware data from January to November 2008 to give us an idea of just how dangerous surfing the Internet is. We analyzed the arrival methods of the top 100 malware infecting the largest number of systems for the said period and came up with the following statistics:
Figure 1. Infection Vectors of Top 100 [...]
-
Sun Issues Updates on Several Critical Java Vulnerabilities
Sun Microsystems, a multinational vendor of computers and computer software, has issued 13 alerts to address vulnerabilities affecting the Sun Java Runtime Environment (JRE). JRE allows users to run Java applications. The bugs have varying degrees of severity, and the most severe - when exploited - could allow remote attackers to take control of an [...]
-
Yet More Fake (And Malicious) Antivirus
A new development in the rogue antivirus campaign was recently discovered. It seems that the latest version of these rogue programs has found a new face. The current buzz is that this application is the latest rogue anti-spyware program victimizing unknowing users by extorting money from them by feeding on their worries of (non-existent) system [...]