Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
New Trojan Android, Xavier, Is an Information-Stealing Ad Library
We have recently discovered a Trojan Android ad library called Xavier (Detected by Trend Micro as ANDROIDOS_XAVIER.AXM) that steals and leaks a user’s information silently. Xavier’s impact has been widespread.
Erebus Linux Ransomware Strikes Again
On June 12, South Korea-based web hosting company NAYANA became one of the latest high-profile victim of ransomware after 153 of its Linux servers were found infected with an Erebus ransomware variant. The ransomware attack affected the websites, database and multimedia files of around 3,400 businesses employing NAYANA’s service.
Spam Run in Europe Uses Hover Action to Deliver Banking Trojan
While many of today’s malware sport relatively new capabilities, most of their authors or operators still use old techniques to deliver them. Malicious macros and shortcut (LNK) files are still used in ransomware, banking Trojans, and targeted attacks, for instance.
Cyberpropaganda Is a Major Growth Area for Cybercriminals
As we predicted in 2016, cyberpropaganda is a major growth area for cybercriminals. Per that prediction, “The rise in the Internet penetration has opened the opportunity for invested parties to use the Internet as a free-for-all tool to influence public opinion to go one way or another.”
Hack Override Malware Took Down a Power Grid
Hackers appear to be testing the most evolved specimen of grid-sabotaging malware ever observed in the wild. Researchers describe this malware as the second-ever known case of malicious code purpose-built to disrupt physical systems.
MacOS Security Reputation Challenged by New Ransomware-as-a-Service
Once viewed as nigh-on impregnable, Apple’s reputation for secure products is being challenged once again, this time by ransomware-as-a-service. Mac computers are being targeted by a new strain of malware created to infect the OS.
The Next Step in Advanced Targeted Attacks Is Business Process Compromise
Targeted attacks have come a long way in recent years, leveraging increasingly advanced techniques aimed at specific individuals. Often, these hackers pinpoint a single person within an enterprise, steal their credentials, log into an account, and leverage this position to find sensitive information.
Hackers Use Protection Strategies for Attack
It’s a recurring theme in sports movies, war stories and crime stories alike: In order to defeat the enemy, one must think like the enemy. This approach has been taken – oftentimes quite successfully – in an array of settings, including the cybersecurity realm.
The Demand for Crimeware-as-a-Service Is Growing
Malware, botnets, phishing and backdoors are all offered on the cheap as subscription. Today’s successful malware writers are remarkable in their ability to adjust not only their technical capabilities to evade the latest security technologies, but also their business practices.
Trend Micro’s Forward-Looking Threat Research Team is Presenting at FIRST
At the FIRST conference in San Juan, Trend Micro’s Forward-looking Threat Research team will be presenting four sessions on a wide range of topics. These sessions will demonstrate a sliver of the research going on at Trend Micro.
National Flight Academy Plans First-of-Its Kind Cybersecurity Camp for Kids
Instead of swimming, surfing or horseback riding, summer camp for some Pensacola-area kids involves sitting in a room filled with computer screens and learning about cybersecurity. Students will practice writing computer code, encrypting messages and thwarting hacking attempts.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.