Home | Latest News | Popular News | Our Network | About | Contact
Security News from 'TrendMicro' | www.SecurityPhresh.com
Security News from 'TrendMicro'
Showing 'Security News from 'TrendMicro'' from 111 to 120
Microsoft Edge And Internet Explorer Zero-Days Allow Access To Confidential Session Data
2nd Apr 2019 [11 months ago] from TrendMicro
Two zero-day vulnerabilities in current versions of Microsoft Edge and Internet Explorer make it possible for confidential information to be shared between websites. The post Microsoft Edge and Internet Explorer Zero-Days Allow Access...
Emotet-Distributed Ransomware Loader For Nozelesn Found Via Managed Detection And Response
29th Mar 2019 [11 months ago] from TrendMicro
By Erika Mendoza, Jay Yaneza, Gilbert Sison, Anjali Patil, Julie Cabuhat, and Joelson Soares Through our managed detection and response (MDR) monitoring, we discovered the modular Emotet malware distributing the Nymaim malware, which then...
Desktop, Mobile Phishing Campaign Targets South Korean Websites, Steals Credentials Via Watering Hole
28th Mar 2019 [11 months ago] from TrendMicro
We discovered a phishing campaign targeting South Korean websites and users credentials using the watering hole technique. Labeling the campaign Soula, cybercriminals injected a malicious JS code in at least four websites for a fake login...
CVE-2019-0192: Mitigating Unsecure Deserialization In Apache Solr
27th Mar 2019 [11 months ago] from TrendMicro
Security researcher Michael Stepankin reported a vulnerability found in the popular, open-source enterprise search platform Apache Solr: CVE-2019-0192. It’s a critical vulnerability related to deserialization of untrusted data. To have...
Telecom Crimes Against The IoT And 5G
21st Mar 2019 [11 months ago] from TrendMicro
Telecommunications or telecom technology is the underpinning of the modern internet, and consequently, the internet’s growing segment, the internet of things (IoT). At its best, this relationship is exemplified as advances in network...
CVE-2019-7238: Insufficient Access Controls In Sonatype Nexus Repository Manager 3 Allows Remote Code Execution
14th Mar 2019 [12 months ago] from TrendMicro
A critical remote code execution (RCE) vulnerability (CVE-2019-7238) was found in Sonatype’s Nexus Repository Manager (NXRM) 3, an open source project that allows developers, such as DevOps professionals, to manage software components...
A Machine Learning Model To Detect Malware Variants
13th Mar 2019 [12 months ago] from TrendMicro
When malware is difficult to discover — and has limited samples for analysis — we propose a machine learning model that uses adversarial autoencoder and semantic hashing to find what bad actors try to hide. We, along with researchers...
March’s Patch Tuesday Fixes Privilege Escalation Vulnerabilities Exploited In The Wild
13th Mar 2019 [12 months ago] from TrendMicro
Microsoft’s Patch Tuesday for March addressed 64 vulnerabilities, 17 of which were rated critical, 45 important, one moderate, and another low in severity. Two of these vulnerabilities, CVE-2019-0797 and CVE-2019-0808, were reported to...
From Fileless Techniques To Using Steganography: Examining Powload’s Evolution
12th Mar 2019 [12 months ago] from TrendMicro
In some of the recent Powload-related incidents we saw, we noticed significant changes to some of the attachments in the spam emails: the use of steganography and targeting of specific countries. Figure 2 shows the difference. For example,...
New SLUB Backdoor Uses GitHub, Communicates Via Slack
7th Mar 2019 [12 months ago] from TrendMicro
We discovered a malware that uses three different online services -- including Slack and GitHub-- as part of its routine. Analysis of the attackers tools, techniques, and procedures lead us to believe that this might be a targeted attack...
« Newer 7 8 9 10 11 12 13 14 15 16 Older »