Anime_007

Trend Micro should introduce software based two way firewall. The one which can monitor incoming and outgoing connections. Kindly introduce some new security features like a firewall for Trend Micro Internet/  Maximum Security. The UI and options are basically the same for the past 8 years approx. Which is not a bad thing but atleast introduce a powerful software based firewall. Put some effort in consumer product developments. Kindly forward this idea or suggestion to the concerned department and developers. 

I had submitted a sample for reclassification but after analysis Trend micro is showing that file as normal file. 

[TM-3015963-K4N7W8] Results for the File Submitted for Reclassification Ref:04500000542

This sample is detected by Eset as PUA Vulnerable Zemana driver and has other detections as well over virustotal website. Some of these are Spyboy vulnerable driver. 

Here is the virustotal website link- 

https://www.virustotal.com/gui/file/543991ca8d1c65113dff039b85ae3f9a87f503daec30f46929fd454bc57e5a91/detection/f-543991ca8d1c65113dff039b85ae3f9a87f503daec30f46929fd454bc57e5a91-1686074653

SHA 256- 543991ca8d1c65113dff039b85ae3f9a87f503daec30f46929fd454bc57e5a91

Trend Micro did a research extensively recently over vulnerable zemana driver. To quote a trend micro post "Terminator.exe is the re-created "SpyBoy" tool. 

The tool abuses the zam64.sys driver to terminate all EDR/XDR/AV processes." 

I believe that this sample is related or similar to this one.

I know Trend Micro takes security issues seriously as I have been told by Trend micro employees here several times. But I would again like to get your attention to provide certain features to Trend Micro's Password manager-

1. Provide a password generator which generates more secure passwords upto 35 characters not just 20 of characters which also uses different characters than simply using the most common ones as we see now.

2. Provide re-captcha feature when signing in for the first time over Password manager portal or signing in for the first time over a device which can protect the users from credential stuffing attacks or mass login attempts like the one that happened with Norton.

3. Please make sure that Password manager can be used with ease when the user is trying to autologin using the password manager. Most of the times I had to copy and paste my id and passwords which is not secure.

4. Provide auto deletion option after few mins (auto deletion of clipboard content).

Other AV companies provide a simpler approach for submission of files. For instance Norton provides a portal namely submit.norton.com . Please check this portal for once and try to introduce similar portal for users. In short by using this portal Norton users can submit suspected files or files which exists on virustotal. And soon within 2 or 3 days a detection is added for it.

That portal of norton even provides an option to submit 256 hash or MD5 hases.

So if possible try to introduce similar concept for Trend Micro. Kaspersky has Opentip portal of itself. All I want is provide a simpler approach for file submission.

It takes days for getting a file reclassified this way. You can continue providing existing option as well for detailed and specific assistance for customers. But if possible provide a website similar to Norton submission portal or Kaspersky's Opentip.

I also don't like the idea of Trend Micro running mute mode randomly. I noticed a msg pop up that 7 threats are removed or detected while the Trend Micro was in mute mode. So I checked the Security Report and found none threats detected. So is this possible that when mute mode is turned on the threats which are detected during that time are not shown up under Security reports ? Unfortunately I was unable to take screenshot of the incident. 

I recently noticed Trend Micro's Password sharing feature which is great to have. Appreciate the developers in this regard. But also improve certain areas of Password Manager for instance :-

1. Introduce edit option and save option for secure notes. This will save user from accidentally editing the secure notes which got saved automatically as of now.

2. Password generator to generate more strong and complex passwords upto 30 characters and using more special character symbols.

Trend Micro needs to work on threat detection. Most of the threats when checked upon virustotal website are not flagged malicious by Trend Micro. Other major AVs hardly misses redline stealers etc. But Trend Micro needs to work on improving its detection rates. As a result of average lab tests it is performing not good in independent lab tests. It performed poor in av comparative tests. I know virus total analysis is basic one but I am sure even if threats are run manually to check its real time protection it fails to detect most of the threats. An improvement in this regard is much appreciated. Please introduce different and robust av engines and integrate with the AV to improve its detection rates for instance f secure has multiple engines. Personally I do like using Trend Micro but it needs massive improvement in this regard. As free AVs like Kaspersky free and Bitdefender free offers much superior protection and hardly misses any samples.

Recently we all see the news of Lastpass being hacked and vault data being stolen. Few days ago Norton Password Manager got compromised by credential stuffing attacks and if has affected for about 6,000 users of Norton. My question is how well Trend Micro's password manager is protected and secured. I know its 256 bit encryption and all that. I also use 2fa for my accounts but is it secure from credential stuffing attacks as I see no captcha method while trying to logging in. Please use re captcha method mandatorily for every login attempts. Also introduce email notification whenever the someone tries to login or someone logged in to password manager app under login activity via email.