Category: http://feeds.trendmicro.com/Anti-MalwareBlog/

Our New Blog

Read the original article: Our New Blog Security Intelligence Blog has a new home! Our new site is https://www.trendmicro.com/en_us/research.html Read new threat discoveries, relevant perspectives on security incidents and attacks, and the latest news happening in the cybersecurity space. See…

Ensiko: A Webshell With Ransomware Capabilities

Read the original article: Ensiko: A Webshell With Ransomware Capabilities Ensiko is a PHP web shell with ransomware capabilities that targets various platforms such as Linux, Windows, macOS, or any other platform that has PHP installed. The malware has the…

New Tekya Ad Fraud Found on Google Play

Read the original article: New Tekya Ad Fraud Found on Google Play In late March, researchers from CheckPoint found the Tekya malware family, which was being used to carry out ad fraud, on Google Play. These apps have since been…

Netwalker Fileless Ransomware Injected via Reflective Loading

Read the original article: Netwalker Fileless Ransomware Injected via Reflective Loading Ransomware in itself poses a formidable threat for organizations. As a fileless threat, the risk is increased as it can more effectively evade detection. We discuss how Netwalker ransomware…

QNodeService: Node.js Trojan Spread via Covid-19 Lure

Read the original article: QNodeService: Node.js Trojan Spread via Covid-19 Lure QNodeService is a new, undetected malware sample written in Node.js, which is an unusual choice for malware authors. The malware has functionality that enables it to download/upload/execute files, steal…

Targeted Ransomware Attack Hits Taiwanese Organizations

Read the original article: Targeted Ransomware Attack Hits Taiwanese Organizations A new targeted attack has infected several organizations in Taiwan with a new ransomware family, which we have dubbed ColdLock. This attack is potentially destructive as the ransomware appears to…

WebMonitor RAT Bundled with Zoom Installer

Read the original article: WebMonitor RAT Bundled with Zoom Installer We encountered an attack that conceals RevCode WebMonitor RAT by abusing Zoom installers.

Gamaredon APT Group Use Covid-19 Lure in Campaigns

Read the original article: Gamaredon APT Group Use Covid-19 Lure in Campaigns In March, we came across an email with a malware attachment that used the Gamaredon group’s tactics. Some of the emails used the coronavirus pandemic as a topic…

Security Risks in Online Coding Platforms

Before cloud integrated development environments (IDEs) became an option, you, i.e., the developer, typically needed to download and/or install everything you needed onto your own workstation. However, as DevOps gained traction and cloud computing usage grew, you can now also…

An In-Depth Technical Analysis of CurveBall (CVE-2020-0601)

A code-level root cause analysis of CVE-2020-0601 in the context of how applications are likely to use CryptoAPI to handle certificates, more specifically in the context of applications communicating via Transport Layer Security (TLS).