Home | Latest News | Popular News | Our Network | About | Contact
Security News from 'TrendMicro' | www.SecurityPhresh.com
Security News from 'TrendMicro'
Showing 'Security News from 'TrendMicro'' from 1 to 10
Cryptocurrency Miner Spreads Via Old Vulnerabilities On Elasticsearch
12th Dec 2018 [11 hours ago] from TrendMicro
We detected mining activity on our honeypot that involves the search engine Elasticsearch, which is a Java-developed search engine based on the Lucene library and released as open-source. The attack was deployed by taking advantage of known...
December Patch Tuesday: Year-End Batch Addresses Win32k Elevation Of Privilege And Windows DNS Server Vulnerabilities
11th Dec 2018 [14 hours ago] from TrendMicro
The just-released Patch Tuesday for December includes a fix for the actively exploited Win32k Elevation of Privilege Vulnerability (CVE-2018-8611). The flaw allows an attacker to exploit a bug in the Windows Kernel and run arbitrary code...
New Exploit Kit “Novidade” Found Targeting Home And SOHO Routers
11th Dec 2018 [34 hours ago] from TrendMicro
We identified a new exploit kit we named Novidade that targets home or small office routers by changing their Domain Name System (DNS) settings via cross-site request forgery (CSRF), enabling attacks on a victim’s mobile device or desktop...
Machine-to-Machine (M2M) Technology Design Issues And Implementation Vulnerabilities
4th Dec 2018 [8 days ago] from TrendMicro
We delve into the protocol security issues that may crop up from a technology perspective. The scarce awareness that we’ve observed around the current state of MQTT and CoAP can enable attackers in achieving their goals, ranging from...
New PowerShell-based Backdoor Found In Turkey, Strikingly Similar To MuddyWater Tools
30th Nov 2018 [12 days ago] from TrendMicro
MuddyWater is a well-known threat actor group that has been active since 2017. They have regularly targeted various organizations in Middle East and Central Asia, primarily using spear phishing emails with malicious attachments. We recently...
Water And Energy Sectors Through The Lens Of The Cybercriminal Underground
29th Nov 2018 [13 days ago] from TrendMicro
In our research Exposed and Vulnerable Critical Infrastructure: Water and Energy Industries, we not only found exposed industrial control system (ICS) human machine interfaces (HMIs) but also pointed out how these systems were at risk....
Proofs Of Concept Abusing PowerShell Core: Caveats And Best Practices
29th Nov 2018 [14 days ago] from TrendMicro
We explored possible strategies attackers can employ when abusing PowerShell Core. These proofs of concept (PoCs) would help in better understanding — and in turn, detecting and preventing — the common routines and behaviors of possible...
Fake Voice Apps On Google Play, Botnet Likely In Development
27th Nov 2018 [15 days ago] from TrendMicro
Several apps on Google Play posing as legitimate voice messenger platforms have automated functions such as fake survey pop-ups and fraudulent ad clicks. Observed variants were deployed one by one since October, with its evolution including...
AutoIt-Compiled Worm Affecting Removable Media Delivers Fileless Version Of BLADABINDI/njRAT Backdoor
27th Nov 2018 [15 days ago] from TrendMicro
BLADABINDI, also known as njRAT/Njw0rm, is a remote access tool (RAT) with a myriad of backdoor capabilities — from keylogging to carrying out distributed denial of service (DDoS) — and has been rehashed and reused in various cyberespionage...
A Look Into The Connection Between XLoader And FakeSpy, And Their Possible Ties With The Yanbian Gang
26th Nov 2018 [16 days ago] from TrendMicro
XLoader and FakeSpy are two of the most prevalent malware families that emerged from the mobile threat landscape recently. We first reported about XLoader in April 2018 when it used Domain Name System (DNS) cache poisoning/DNS spoofing...
1 2 3 4 5 6 7 8 9 10 Older »