articles

Patch Now Apache Log4j Vulnerability Called Log4Shell Actively Exploited

Posted on December 13, 2021December 16, 2021 by Admin

A vulnerability in Apache Log4j, a widely used logging package for Java has been found. The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell. It was first reported privately to Apache on November 24 and was patched with version 2.15.0 of Log4j on December 9. It affects Apache Struts, Apache Solr, Apache Druid, Elasticsearch, Apache Dubbo, and VMware…

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

Posted on December 10, 2021December 17, 2021 by Admin

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes Ransomware We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these samples is that the files are code-signed. They also terminate various processes which are related to database and backup management. By: Don Ovid Ladores December 10, 2021 Read time: ( words) We analyzed new samples of the Yanluowang ransomware, a recently discovered ransomware family. One interesting aspect of these samples is…

This Week in Security News – December 10, 2021

Posted on December 10, 2021December 17, 2021 by Admin

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure. Read on: Pushing Forward Key Takeaways from Trend Micro’s Security Predictions for 2022 Because of the Covid-19 pandemic, organizations have learned to…

The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs

Posted on December 9, 2021December 19, 2021 by Admin

New IoT botnet techniques During the observation period, we noted four new techniques added to threat actors’ arsenals. One is a newly implemented technique in botnet families called Masquerading: Match Legitimate Name or Location (T1036.005). It is a Defense Evasion technique that likely reflect the manufacturers’ increasing interest and efforts in securing these IoT devices or appliances. The technique involves adversaries trying to match the name and location of legitimate and trusted programs to hide…

Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify

Posted on December 3, 2021December 19, 2021 by Admin

Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify We looked into exploitation attempts we observed in the wild and the abuse of legitimate platforms Netlify and GitHub as repositories for malware. By: Nitesh Surana December 03, 2021 Read time: ( words) Earlier this year, a security flaw identified as CVE-2021-41773 was disclosed to Apache HTTP Server Project, a path traversal and remote code execution (RCE) flaw in Apache HTTP Server 2.4.49. If this…

This Week in Security News – December 3, 2021

Posted on December 3, 2021December 19, 2021 by Admin

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how Squirrelwaffle utilized ProxyLogon and ProxyShell to hack email chains. Also, read on a recent data breach of the Los Angeles Planned Parenthood Network. Read on: Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains In September, Squirrelwaffle emerged as a new loader that is spread…

5 Things to Do from the AWS re:Invent Day 3 Agenda

Posted on December 1, 2021December 19, 2021 by Admin

5 Things to Do from the AWS re:Invent Day 3 Agenda Compliance & Risks Welcome to your complete guide to AWS re:Invent 2021 Day 3, where you will find tips on how to get the most out of your conference experience both in Las Vegas and virtually. By: Trend Micro December 01, 2021 Read time: ( words) You’re in the endgame now, so it’s time to clean up and get any lose-ends tied up. If…

What You Can Do to Mitigate Cloud Misconfigurations

Posted on November 30, 2021December 20, 2021 by Admin

Our data also showed a high frequency of Amazon Simple Storage Service (S3) rule violations. Still, it is necessary to examine the data further before fearing for the worst. For one, not all Amazon S3 buckets are supposed to be encrypted. In some instances, encryption is not needed. These are cases where the data needs to be served in clear text such as for public sites or data that needs to be openly accessed through…

Trend Micro Cloud One Network Security-as-a-Service

Posted on November 29, 2021December 20, 2021 by Admin

Simplifying network security in the cloud has been the primary objective of Trend Micro Cloud One – Network Security. At Trend Micro, we focus on making deployment as easy as possible for our customers. We help customers avoid re-architecture, and we don’t interfere with network traffic, so we’ve enabled customers to achieve broad and deep network layer security across entire VPCs within minutes. Trend Micro, alongside Amazon Web Services (AWS), has worked to provide the…

« 1 … 23 24 25 26 27 »

Patch Now Apache Log4j Vulnerability Called Log4Shell Actively Exploited

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs

Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)