Global Cyberattacks: How to Manage Risk in Times of Chaos

Cyber Threats

As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices are presented to manage your cyber risk.

By: Trend Micro, February 24, 2022

While it seems almost cliché now, we are living in unprecedented times. The global pandemic has forced organizations everywhere to deal not only with health and supply-chain challenges, but…

Latest Mac Coinminer Utilizes Open-Source Binaries and the I2P Network

Malware

A Mac coinminer has been spotted using open-source components in its routine and the I2P Network to hide its traffic. We dive into old iterations of this malware, and also analyze the newest version.

By: Luis Magisa, February 21, 2022

Coinminers are one of the more profitable types of malware for malicious actors, and they require little maintenance once installed…

Security Automation with Vision One & Palo Alto

APT & Targeted Attacks

Trend Micro Vision One™ integrates with Palo Alto Networks Cortex™ XSOAR to drive automated response to incidents uncovered by Vision One.

By: Trend Micro, February 14, 2022

Trend Micro Vision One™ is at the core of our unified cybersecurity platform, delivering powerful, industry-leading extended detection and response (XDR), centralized visibility and risk insights. Vision One integrates with Palo Alto…

This Week in Security News – February 11, 2022

Read on:

Hidden Scams in Malicious Scans: How to Use QR Codes Safely

The practical approach to life after COVID-19 is for people to learn to live with it and do what they can to manage it. One of the things that is likely to remain for the foreseeable future is the need for cashless and no-contact transactions. Many businesses have responded to this need through the use of quick response (QR) codes, however threats…

Detecting PwnKit (CVE-2021-4034) Using Trend Micro™ Vision One™ and Cloud One™

Exploits & Vulnerabilities

This blog discusses how CVE-2021-4034 can be detected and blocked using Trend Micro™ Vision One™ and Trend Micro Cloud One™.

By: Sunil Bharti, Nitesh Surana, February 11, 2022

PolKit, or PolicyKit, is a component that handles system-wide policies and authorizations in Unix and Unix-like operating systems (OS), allowing non-privileged processes to communicate with privileged ones. PolKit’s pkexec…

This Week in Security News – February 4th, 2022

Read on:

The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It

An earlier version of an out-of-bounds (OOB) vulnerability in Samba was disclosed via Trend Micro Zero Day Initiative’s (ZDI) Pwn2Own Austin 2021. While we have not seen any active attacks exploiting this vulnerability, CVE-2021-44142 received a CVSS rating of 9.9 out of the three variants reported. If abused, this security gap can be used by remote attackers to execute arbitrary code as…

The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It

An earlier version of an out-of-bounds (OOB) vulnerability in Samba was disclosed via Trend Micro Zero Day Initiative’s (ZDI) Pwn2Own Austin 2021. ZDI looked further into the security gap and found more variants of the vulnerability after the event and subsequently disclosed the findings to the company. While we have not seen any active attacks exploiting this vulnerability, CVE-2021-44142 received a CVSS rating of 9.9 out of the three variants reported. If abused, this security…

Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware

We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection.

By: Ian Kenefick, January 21, 2022

We observed Emotet spam campaigns using hexadecimal and octal representations of IP addresses, likely to evade detection via pattern matching. Both routines use social engineering techniques to trick users into enabling document macros and automate malware execution. Upon receiving these standards,…

This Week in Security News – January 21, 2022

Read on:

Cybersecurity for Industrial Control Systems: Part 1

In this two-part series, Trend Micro looks at cybersecurity threats that affected industrial control systems endpoints and shares insights and recommendations to mitigate such threats. Trend Micro’s expert team extensively studied reported malware families in ICS endpoints to validate ICS security and establish a global baseline for examining threats that put these systems at risk.

CISA Urges US Orgs to Prepare for Data-Wiping Cyberattacks

Ukraine government…

Defending Users’ NAS Devices From Evolving Threats

In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices.

By: Stephen Hilt, Fernando Merces, January 20, 2022

Threats to the internet of things (IoT) continue to evolve as users and businesses grow increasingly reliant on these tools for constant connectivity, access to information and data, and workflow continuity. Cybercriminals have taken notice of this dependence and now…
