Home | Latest News | Popular News | Our Network | About | Contact
Security News from 'TrendMicro' | www.SecurityPhresh.com
Security News from 'TrendMicro'
Showing 'Security News from 'TrendMicro'' from 1 to 10
January Patch Tuesday: Update List Includes Fixes For Internet Explorer, Remote Desktop, Cryptographic Bugs
15th Jan 2020 [12 days ago] from TrendMicro
2020 starts off with a relatively heavy list of patches for Microsoft users. January is typically a light month for fixes, but Microsoft released patches for 49 vulnerabilities (eight of which are Critical and all the remaining classified...
First Active Attack Exploiting CVE-2019-2215 Found On Google Play, Linked To SideWinder APT Group
6th Jan 2020 [20 days ago] from TrendMicro
We found three malicious apps in the Google Play store that work together to compromise a victim’s device and collect user information. One of these apps, called Camero, exploits CVE-2019-2215, a vulnerability that exists in Binder (the...
Looking Into Attacks And Techniques Used Against WordPress Sites
23rd Dec 2019 [one month ago] from TrendMicro
This blog post lists different kinds of attacks against WordPress, by way of payload examples we observed in the wild, and how attacks have used hacked admin access and API, Alfa-Shell deployment, and SEO poisoning to take advantage of...
Why Running A Privileged Container In Docker Is A Bad Idea
20th Dec 2019 [one month ago] from TrendMicro
In this blog post, we will explore how running a privileged yet unsecure container may allow cybercriminals to gain a backdoor in an organization’s system. The post Why Running a Privileged Container in Docker Is a Bad Idea appeared first...
DDoS Attacks And IoT Exploits: New Activity From Momentum Botnet
16th Dec 2019 [one month ago] from TrendMicro
We found new details on the tools and techniques the Momentum botnet is currently using to compromise devices and perform distributed denial-of-service (DDoS) attacks, and propagate with numerous exploits. The post DDoS Attacks and IoT...
(Almost) Hollow And Innocent: Monero Miner Remains Undetected Via Process Hollowing
12th Dec 2019 [2 months ago] from TrendMicro
Cryptocurrencies values are increasing again, which may explain why the number of stealthy techniques to deliver them have also increased this year. We found another campaign using process hollowing and a dropper component to evade detection...
Waterbear Is Back, Uses API Hooking To Evade Security Product Detection
11th Dec 2019 [2 months ago] from TrendMicro
In one of its recent campaigns, we’ve discovered a piece of Waterbear payload with a brand-new purpose: hiding its network behaviors from a specific security product by API hooking techniques. In our analysis, we have discovered that...
December Patch Tuesday: Vulnerabilities In Windows Components, RDP, And PowerPoint Get Fixes
10th Dec 2019 [2 months ago] from TrendMicro
Microsoft released a total of 36 patches for December’s Patch Tuesday. Decembers tend to have a relatively low number of patches, and the last Patch Tuesday of the 2010s was no different. Seven of the 36 patches were identified as Critical,...
Obfuscation Tools Found In The Capesand Exploit Kit Possibly Used In “KurdishCoder” Campaign
4th Dec 2019 [2 months ago] from TrendMicro
In November 2019, we published a blog analyzing an exploit kit we named Capesand that exploited Adobe Flash and Microsoft Internet Explorer flaws. During our analysis of the indicators of compromise (IoCs) in the deployed samples that were...
Mobile Cyberespionage Campaign Distributed Through CallerSpy Mounts Initial Phase Of A Targeted Attack
2nd Dec 2019 [2 months ago] from TrendMicro
We found a new spyware family disguised as chat apps on a phishing website. We believe that the apps, which exhibit many cyberespionage behaviors, are initially used for a targeted attack campaign. We first came across the threat in May...
1 2 3 4 5 6 7 8 9 10 Older »