Defending Systems Against Attacks With Layers of Remote Control

Fortunately, we were able to provide the customer with timely alert and intervention from the moment the initial intrusion via the cloud server was observed all the way to guidance during the cleanup and remediation process.

Insights from the threat report and the threat handling perspective

Incidents such as this provide security teams opportunities to see attacks from different angles and in a big-picture manner. We discuss key insights below that organizations can consider when…

This Week in Security News – January 7, 2022

Read on:

Are Endpoints at Risk for Log4Shell Attacks

The end of 2021 saw the emergence of the Log4Shell (CVE-2021-44228) vulnerability, a critical vulnerability in the ubiquitous Java logging package Apache Log4j. Exploiting Log4Shell via crafted log messages can allow an attacker to execute code on remote machines. The potential impact of this vulnerability is great enough that it scores a 10.0 rating based on CVSS version 3.x and a 9.3 rating based on CVSS…

Codex Exposed: Exploring the Capabilities and Risks of OpenAI’s Code Generator

While GPT-3, the general-purpose language transformer that powers Codex, has recently been opened to the public, Codex itself remains a technical preview open to a limited selection of users. Codex powers the functionality of GitHub’s Copilot, a programming assistant available as a plug-in for Visual Studio Code that is able to offer AI-powered autocomplete and code translation on the fly. Its capabilities are still rough around the edges, but they give a good idea of…

Examining Log4j Vulnerabilities in Connected Cars and Charging Stations

Evidence of attacks using the Log4j vulnerability was also shown in a test that triggered a bug on a Tesla car. For this case, the source does not provide much information on where it was actually executed. Nevertheless, this means that the exploitation of the vulnerability could still have an impact on the user’s privacy and the general security of the car because a back-end compromise could allow attackers to push actions to the car…

The Log4j story, and how it has impacted our customers

The security research community had been expecting something like this to come along for a while. So it was with a sense of dread that we read news of a newly discovered CVSS 10.0 vulnerability in early December. The impact is already being felt around the globe as threat actors scramble to exploit the bug before defenders can apply their patches. It is a story that could take months or even years to play out…

What to Do About Log4j

Log4j does not sanitize inputs.

Tactical Measures

The first challenge is to find out where your code and applications might have the vulnerability. There are tools to scan for the presence of the string “log4j” including Snyk and others. These will find any places in your source code libraries that have calls to the code. The next step is to verify whether that source code was ever actually deployed into your production environment. Sometimes developers…

Are Endpoints at Risk for Log4Shell Attacks

The end of 2021 saw the emergence of the Log4Shell (CVE-2021-44228) vulnerability, a critical vulnerability in the ubiquitous Java logging package Apache Log4j. Exploiting Log4Shell via crafted log messages can allow an attacker to execute code on remote machines. The potential impact of this vulnerability is great enough that it scores a 10.0 rating based on CVSS version 3.x and a 9.3 rating based on CVSS version 2.0 in terms of critical risk — and…

Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager

We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign.

By: Abraham Camba, Jonna Santos, Gilbert Sison, Jay Yaneza
December 17, 2021

We recently published how Squirrelwaffle emerged as a loader using two exploits in a recent spam campaign in the Middle East. Further monitoring and analysis from our incident response and extended detection and response teams (IR/XDR)…

This Week in Security News – December 17, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about Purple Fox’s infection chain observed by Trend Micro’s Managed XDR. Also, learn about the Log4j vulnerability that has the potential to cause ‘incalculable’ damage.

Read on:

A Look into Purple Fox’s Server Infrastructure

In this blog, Trend Micro sheds light on the later stages of Purple…

Volatile and Adaptable: Tracking the Movements of Modern Ransomware

Trend Micro’s tracking of modern ransomware, as well as of older families, shows which attacks are gaining momentum and which families are particularly dangerous for enterprises and private users.

By: Trend Micro Research
December 15, 2021

In the first half of 2021, we saw that modern ransomware threats were still active and evolving, using double extortion techniques to victimize targets. Unlike…
