Home | Latest News | Popular News | Our Network | About | Contact
Security News from 'TrendMicro' | www.SecurityPhresh.com
Security News from 'TrendMicro'
Showing 'Security News from 'TrendMicro'' from 11 to 20
Mac Malware That Spoofs Trading App Steals User Information, Uploads It To Website
20th Sep 2019 [2 months ago] from TrendMicro
We recently found and analyzed a malicious malware variant that disguised itself as a legitimate Mac-based trading app called Stockfolio. We found two variants of the malware family. The first one contains a pair of shell scripts and connects...
Fileless Cryptocurrency-Miner GhostMiner Weaponizes WMI Objects, Kills Other Cryptocurrency-Mining Payloads
19th Sep 2019 [2 months ago] from TrendMicro
By Carl Maverick Pascual (Threats Analyst) Cybercriminals continue to use cryptocurrency-mining malware to abuse computing resources for profit. As early as 2017, we have also observed how they have applied fileless techniques to make detection...
Magecart Skimming Attack Targets Mobile Users Of Hotel Chain Booking Websites
18th Sep 2019 [2 months ago] from TrendMicro
We discovered a series of incidents where the credit card skimming attack Magecart was used to hit the booking websites of chain-brand hotels — the second time we’ve seen a Magecart threat actor directly hit ecommerce service providers...
When PSD2 Opens More Doors: The Risks Of Open Banking
17th Sep 2019 [2 months ago] from TrendMicro
We looked into the security implications of the changing banking paradigm with PSD2 in place. Our research highlights the current and new risks that the financial industry will have to defend against, and predict how cybercriminals will...
Skidmap Linux Malware Uses Rootkit Capabilities To Hide Cryptocurrency-Mining Payload
16th Sep 2019 [2 months ago] from TrendMicro
Skidmap, a Linux malware that we recently stumbled upon, demonstrates the increasing complexity of recent cryptocurrency-mining threats. This malware is notable because of the way it loads malicious kernel modules to keep its cryptocurrency...
Hacking LED Wristbands: A ‘Lightning’ Recap Of RF Security Basics
13th Sep 2019 [2 months ago] from TrendMicro
We’re always eager for new research and learning opportunities, but this time, serendipitously, the opportunity found us. At the closing party of the Hack In The Box Amsterdam conference — where we presented our industrial radio research...
From BinDiff To Zero-Day: A Proof Of Concept Exploiting CVE-2019-1208 In Internet Explorer
12th Sep 2019 [2 months ago] from TrendMicro
Last June, I disclosed a use-after-free (UAF) vulnerability in Internet Explorer (IE) to Microsoft. It was rated as critical, designated as CVE-2019-1208, and then addressed in Microsoft’s September Patch Tuesday. I discovered this flaw...
September Patch Tuesday Bears More Remote Desktop Vulnerability Fixes And Two Zero-Days
10th Sep 2019 [2 months ago] from TrendMicro
Microsoft’s September Patch Tuesday covered 80 CVEs, 17 of which were rated critical, and included patches for Azure DevOps Server, Chakra Scripting engine, and Microsoft SharePoint. Sixty-two were labeled as important and included patches...
IoT Attack Opportunities Seen In The Cybercrime Underground
10th Sep 2019 [2 months ago] from TrendMicro
We looked into IoT-related discussions from several cybercrime underground communities. We found discussions ranging from tutorials to actual monetization schemes for IoT-related attacks. The post IoT Attack Opportunities Seen in the Cybercrime...
‘Purple Fox’ Fileless Malware With Rookit Component Delivered By Rig Exploit Kit Now Abuses PowerShell
9th Sep 2019 [2 months ago] from TrendMicro
This new iteration of Purple Fox that we came across, also being delivered by Rig, has a few new tricks up its sleeve. It retains its rootkit component by abusing publicly available code. It now also eschews its use of NSIS in favor of...
« Newer 1 2 3 4 5 6 7 8 9 10 Older »