Martijn Lammerts
My own digital place with a little of everything

Mobile Ransomware: How to Protect Against It

15 December 2016

In our previous post, we looked at how malware can lock devices, as well as the scare tactics used to convince victims to pay the ransom. Now that we know what bad guys can do, we'll discuss the detection and mitigation techniques that security vendors can use to stop them. By sharing these details with other researchers, we hope to improve the industry's collective knowledge on mobile ransomware mitigation.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Home Routers: Mitigating Attacks that can Turn them to Zombies

14 December 2016

With more households running smart devices that access the internet, the router is typically their only doorkeeper. And whether an end user has a laptop/desktop and router combo, or a miscellany of other devices connected to the network, the security risks are the same. Based on our research, home routers have been most susceptible to cross-site scripting (XSS) and PHP arbitrary code injection attacks, as well as being involved in carrying out DNS amplification attacks.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Patch Tuesday of December 2016: Microsoft Releases 12 Bulletins, Six Critical

14 December 2016

For the last Patch Tuesday of 2016, Microsoft adds 12 bulletins split evenly into six rated Critical and six rated Important. Among the critical updates was MS16-148, which patches several vulnerabilities in Microsoft Office. If exploited, the most severe of these vulnerabilities could allow attackers to run arbitrary code in the guise of the user.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Leaking Beeps: IT Systems Broadcasting Sensitive Info

13 December 2016

In our previous installments of the Leaking Beeps research series, we have discussed that both healthcare and industrial control systems have been sending clear text messages via the pager communications protocols POCSAG and FLEX. We were surprised to see pages containing sensitive patient information when we looked into the use of pagers in the healthcare sector. We were just as alarmed to see the number of automation systems in industrial environments that were utilizing POCSAG and FLEX as wireless communications paths. This gave a lot of information away to a potential attacker who could use them in a future attack.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Mobile Ransomware: Pocket-Sized Badness

8 December 2016

A few weeks ago, I spoke at Black Hat Europe 2016 on Pocket-Sized Badness: Why Ransomware Comes as a Plot Twist in the Cat-Mouse Game. While watching mobile ransomware from April 2015 to April 2016, I noticed a big spike in the number of Android ransomware samples. During that year, the number of Android ransomware increased by 140%. In certain areas, mobile ransomware accounts for up to 22 percent of mobile malware overall! (These numbers were obtained from the Trend Micro Mobile App Reputation Service.) One trend noticed during this time is that it closely mirrors the path paved by traditional ransomware: like other ransomware types, mobile ransomware is constantly evolving and growing.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Avalanche: Thwarting Cybercriminal Hazards with Law Enforcement Collaboration

7 December 2016

On November 30th, an international law enforcement operation stamped out Avalanche, a large-scale content and management platform designed for the delivery of bullet-proof botnets. Avalanche’s scale and scope spanned victims from 180 countries, over 800,000 domains in 60+ top-level domains (TLD), more than one million phishing and spam e-mails, 500,000 infected machines worldwide, and 130TB of captured and analyzed data.

The coordinated effort from international law enforcement agencies that include Germany’s Public Prosecutor’s Office Verden and the Lüneburg Police, the U.S.’s Attorney Office for the Western District of Pennsylvania, Department of Justice and the Federal Bureau of Investigation (FBI), Europol, and Eurojust as well as partners in ShadowServer, resulted in one of the most successful anti-cybercrime operations in recent years.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

New Flavor of Dirty COW Attack Discovered, Patched

7 December 2016

Dirty COW (designated as CVE-2016-5195) is a Linux vulnerability that was first disclosed to the public in October 2016. It was a serious privilege escalation flaw that allowed an attacker to gain root access on the targeted system; other methods were needed to run any code on the targeted machine. We have found a new way to target Dirty COW that is different from existing attacks.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro
