Patch Now Apache Log4j Vulnerability Called Log4Shell Actively Exploited

Patch Now Apache Log4j Vulnerability Called Log4Shell Actively Exploited

A vulnerability in Apache Log4j, a widely used logging package for Java has been found. The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell. It was first reported privately to Apache on November 24 and was patched with version 2.15.0 of Log4j on December 9. It affects Apache Struts, Apache Solr, Apache Druid, Elasticsearch, Apache Dubbo, and VMware…

Read More

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes Ransomware We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these samples is that the files are code-signed. They also terminate various processes which are related to database and backup management. By: Don Ovid Ladores December 10, 2021 Read time:  ( words) We analyzed new samples of the Yanluowang ransomware, a recently discovered ransomware family. One interesting aspect of these samples is…

Read More

This Week in Security News – December 10, 2021

This Week in Security News – December 10, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure. Read on: Pushing Forward Key Takeaways from Trend Micro’s Security Predictions for 2022 Because of the Covid-19 pandemic, organizations have learned to…

Read More

The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs

The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs

New IoT botnet techniques During the observation period, we noted four new techniques added to threat actors’ arsenals. One is a newly implemented technique in botnet families called Masquerading: Match Legitimate Name or Location (T1036.005). It is a Defense Evasion technique that likely reflect the manufacturers’ increasing interest and efforts in securing these IoT devices or appliances. The technique involves adversaries trying to match the name and location of legitimate and trusted programs to hide…

Read More

Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify

Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify

Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify We looked into exploitation attempts we observed in the wild and the abuse of legitimate platforms Netlify and GitHub as repositories for malware. By: Nitesh Surana December 03, 2021 Read time:  ( words) Earlier this year, a security flaw identified as CVE-2021-41773 was disclosed to Apache HTTP Server Project, a path traversal and remote code execution (RCE) flaw in Apache HTTP Server 2.4.49. If this…

Read More

This Week in Security News – December 3, 2021

This Week in Security News – December 10, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how Squirrelwaffle utilized ProxyLogon and ProxyShell to hack email chains. Also, read on a recent data breach of the Los Angeles Planned Parenthood Network. Read on: Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains In September, Squirrelwaffle emerged as a new loader that is spread…

Read More

5 Things to Do from the AWS re:Invent Day 3 Agenda

5 Things to Do from the AWS re:Invent Day 3 Agenda

5 Things to Do from the AWS re:Invent Day 3 Agenda Compliance & Risks Welcome to your complete guide to AWS re:Invent 2021 Day 3, where you will find tips on how to get the most out of your conference experience both in Las Vegas and virtually. By: Trend Micro December 01, 2021 Read time:  ( words) You’re in the endgame now, so it’s time to clean up and get any lose-ends tied up.  If…

Read More

Analyzing How TeamTNT Used Compromised Docker Hub Accounts

Analyzing How TeamTNT Used Compromised Docker Hub Accounts

Analyzing How TeamTNT Used Compromised Docker Hub Accounts Cloud Following our previous disclosure of compromised Docker hub accounts delivering cryptocurrency miners, we analyze these accounts and discover more malicious actions that you need to be aware of. By: Trend Micro Research December 01, 2021 Read time:  ( words) In early November, we disclosed that compromised Docker Hub accounts were being used for cryptocurrency mining and that these activities were tied to the TeamTNT threat actor….

Read More

What You Can Do to Mitigate Cloud Misconfigurations

What You Can Do to Mitigate Cloud Misconfigurations

Our data also showed a high frequency of Amazon Simple Storage Service (S3) rule violations. Still, it is necessary to examine the data further before fearing for the worst. For one, not all Amazon S3 buckets are supposed to be encrypted. In some instances, encryption is not needed. These are cases where the data needs to be served in clear text such as for public sites or data that needs to be openly accessed through…

Read More

Trend Micro Cloud One Network Security-as-a-Service

Trend Micro Cloud One Network Security-as-a-Service

Simplifying network security in the cloud has been the primary objective of Trend Micro Cloud One – Network Security. At Trend Micro, we focus on making deployment as easy as possible for our customers. We help customers avoid re-architecture, and we don’t interfere with network traffic, so we’ve enabled customers to achieve broad and deep network layer security across entire VPCs within minutes. Trend Micro, alongside Amazon Web Services (AWS), has worked to provide the…

Read More
1 23 24 25 26 27