Home | Latest News | Popular News | Our Network | About | Contact
Security News from 'TrendMicro' | www.SecurityPhresh.com
Security News from 'TrendMicro'
Showing 'Security News from 'TrendMicro'' from 21 to 30
When PSD2 Opens More Doors: The Risks Of Open Banking
17th Sep 2019 [3 months ago] from TrendMicro
We looked into the security implications of the changing banking paradigm with PSD2 in place. Our research highlights the current and new risks that the financial industry will have to defend against, and predict how cybercriminals will...
Skidmap Linux Malware Uses Rootkit Capabilities To Hide Cryptocurrency-Mining Payload
16th Sep 2019 [3 months ago] from TrendMicro
Skidmap, a Linux malware that we recently stumbled upon, demonstrates the increasing complexity of recent cryptocurrency-mining threats. This malware is notable because of the way it loads malicious kernel modules to keep its cryptocurrency...
Hacking LED Wristbands: A ‘Lightning’ Recap Of RF Security Basics
13th Sep 2019 [3 months ago] from TrendMicro
We’re always eager for new research and learning opportunities, but this time, serendipitously, the opportunity found us. At the closing party of the Hack In The Box Amsterdam conference — where we presented our industrial radio research...
From BinDiff To Zero-Day: A Proof Of Concept Exploiting CVE-2019-1208 In Internet Explorer
12th Sep 2019 [3 months ago] from TrendMicro
Last June, I disclosed a use-after-free (UAF) vulnerability in Internet Explorer (IE) to Microsoft. It was rated as critical, designated as CVE-2019-1208, and then addressed in Microsoft’s September Patch Tuesday. I discovered this flaw...
September Patch Tuesday Bears More Remote Desktop Vulnerability Fixes And Two Zero-Days
10th Sep 2019 [3 months ago] from TrendMicro
Microsoft’s September Patch Tuesday covered 80 CVEs, 17 of which were rated critical, and included patches for Azure DevOps Server, Chakra Scripting engine, and Microsoft SharePoint. Sixty-two were labeled as important and included patches...
IoT Attack Opportunities Seen In The Cybercrime Underground
10th Sep 2019 [3 months ago] from TrendMicro
We looked into IoT-related discussions from several cybercrime underground communities. We found discussions ranging from tutorials to actual monetization schemes for IoT-related attacks. The post IoT Attack Opportunities Seen in the Cybercrime...
‘Purple Fox’ Fileless Malware With Rookit Component Delivered By Rig Exploit Kit Now Abuses PowerShell
9th Sep 2019 [3 months ago] from TrendMicro
This new iteration of Purple Fox that we came across, also being delivered by Rig, has a few new tricks up its sleeve. It retains its rootkit component by abusing publicly available code. It now also eschews its use of NSIS in favor of...
Malware Classification With ‘Graph Hash,’ Applied To The Orca Cyberespionage Campaign
6th Sep 2019 [3 months ago] from TrendMicro
In malware research, threat hunting and sharing of threat intelligence, such as exchanging indicators of compromise (IoCs) in the form of hashes (e.g., MD5s, SHA256s), are common industry practices and helpful for information security professionals....
Spam Campaign Abuses PHP Functions For Persistence, Uses Compromised Devices For Evasion And Intrusion
5th Sep 2019 [3 months ago] from TrendMicro
We found a spam campaign that uses compromised devices to attack vulnerable web servers. From the devices, attackers use a PHP script to send an email with an embedded link to a scam site to specific email addresses. The use of compromised...
Glupteba Campaign Hits Network Routers And Updates C&C Servers With Data From Bitcoin Transactions
4th Sep 2019 [3 months ago] from TrendMicro
After looking into the recent variant of the Glupteba dropper delivered from a malvertising attack, we found that the dropper downloaded two undocumented components aside from the Glupteba malware—a browser stealer and a router exploiter....
« Newer 1 2 3 4 5 6 7 8 9 10 Older »