Home | Latest News | Popular News | Our Network | About | Contact
Security News from 'TrendMicro' | www.SecurityPhresh.com
Security News from 'TrendMicro'
Showing 'Security News from 'TrendMicro'' from 31 to 40
August Patch Tuesday: Update Fixes ‘Wormable’ Flaws In Remote Desktop Services, VBScript Gets Disabled By Default
13th Aug 2019 [3 months ago] from TrendMicro
While none of the vulnerabilities were listed as under active attack at the time of August Patch Tuesday release, a few of the bugs addressed this month fall under the “wormable” category, namely remote code execution (RCE) vulnerabilities...
Back-to-Back Campaigns: Neko, Mirai, And Bashlite Malware Variants Use Various Exploits To Target Several Routers, Devices
13th Aug 2019 [3 months ago] from TrendMicro
By Augusto Remillano II and Jakub Urbanec Within a span of three weeks, our telemetry uncovered three notable malware variants of Neko, Mirai, and Bashlite. On July 22, 2019, we saw and started analyzing a Neko botnet sample, then observed...
LLDBFuzzer: Debugging And Fuzzing The Apple Kernel With LLDB Script
8th Aug 2019 [3 months ago] from TrendMicro
Our fuzzing methodology LLDBFuzzer found dozens of vulnerabilities, including double free and out-of-bounds (OOB) read/write bugs. These vulnerabilities could allow an attacker access to restricted memory or be used in a privilege escalation...
LokiBot Gains New Persistence Mechanism, Uses Steganography To Hide Its Tracks
6th Aug 2019 [3 months ago] from TrendMicro
First advertised as an information stealer and keylogger when it first appeared in underground forums, LokiBot has added various capabilities over the years. Recent activity has seen the malware family abusing Windows Installer for its...
Latest Trickbot Campaign Delivered Via Highly Obfuscated JS File
5th Aug 2019 [3 months ago] from TrendMicro
We have been tracking Trickbot banking trojan activity and recently discovered a variant of the malware (detected by Trend Micro as TrojanSpy.Win32.TRICKBOT.TIGOCDC) from distributed spam emails that contain a Microsoft Word document with...
Keeping A Hidden Identity: Mirai C&Cs In Tor Network
31st Jul 2019 [3 months ago] from TrendMicro
We found new samples of Mirai targeting IP cameras and DVRs with exposed ports and default credentials. Like its predecessors, it allows attackers remote access and the use of infected devices to form a botnet for DDoS attacks. However,...
Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases Into DDoS Botnet ‘Zombies’
23rd Jul 2019 [4 months ago] from TrendMicro
Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps...
Old Tools For New Money: URL Spreading Shellbot And XMRig Using 17-year Old XHide
19th Jul 2019 [4 months ago] from TrendMicro
We found a threat that scans for open ports and brute forces systems with weak credentials to drop a Monero cryptocurrency miner. While the installation and mining process is hidden by old evasion tool XHide Process Faker, the malware can...
Spam Campaign Targets Colombian Entities With Custom-made ‘Proyecto RAT,’ Uses Email Service YOPmail For C&C
18th Jul 2019 [4 months ago] from TrendMicro
We observed a recent campaign that primarily targets financial institutions and governmental organizations in the South American region, particularly in Colombia. This blog post covers the activities we observed, the remote access tools...
Jenkins Admins: Relying On Default Settings Could Put Master At Risk Of Remote Code Execution Attacks
17th Jul 2019 [4 months ago] from TrendMicro
By David Fiser Jenkins is a popular open-source automation server for software development teams. Used for managing the development side in DevOps, the main purpose of Jenkins is to perform tasks, called jobs, such that software project...
« Newer 1 2 3 4 5 6 7 8 9 10 Older »