Security I Trust, Information Security, IT Security

Antivirus Evasion with Python

July 18, 2019 admin 0 Comments AV

When deploying defense in depth security controls for your organization, you are likely to include antiviruses as part of the

Hacking attack Info

Russian Bears Need Less Than 20 Minutes To Hack Your Data

February 22, 2019 admin 0 Comments

Russian bears lead the way when it comes to gaining enough of a foothold in your networks to perform a

IT Security News

Microsoft: Russia’s Fancy Bear Working to Influence EU Elections

February 22, 2019 admin 0 Comments

As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and

Info IT Security News

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations

February 22, 2019February 22, 2019 admin 0 Comments

1Password, Dashlane, KeePass and LastPass each downplay what researchers say is a flaw in how the utilities manage memory. Secure

Info IT Security News

AV-TEST Awards 2018 go to TrendMicro

February 22, 2019February 22, 2019 admin 0 Comments

Only the best IT protection solutions are contenders for the internationally recognized AV-TEST Awards. After all, with this award, the

IT Security News News

Cryptocurrency Exchange loses access to €130m in funds

February 5, 2019February 5, 2019 admin 0 Comments

Where is the safest place to store cryptocurrency has always been a debated issue, some say offline, others say online,

Info

Cryptomining Malware Uninstalls Cloud Security Products

January 23, 2019January 23, 2019 admin 0 Comments

New samples of cryptomining malware performs a never-before-seen function: uninstalling cloud security products. Researchers say they have discovered a unique

Info

Google Fined $57M in Largest GDPR Slap Yet

January 23, 2019January 23, 2019 admin 0 Comments

The French Data Protection Authority (DPA) found a lack of transparency when it comes to how Google harvests and uses

Info

Hackers can play with cranes like toys

January 18, 2019January 18, 2019 admin 0 Comments

Why does everyone leave security until the last minute. These risk would not happen if we build system to be

IT Security News News

Bleedingbit

November 2, 2018 admin 0 Comments Bleedingbit, vulnerability

Researchers from the firm Armis identified two bugs, which impact Bluetooth Low-Energy (BLE) chips used in millions of Cisco, Meraki,

← Previous

Jenkins Admins: Relying on Default Settings Could Put Master at Risk of Remote Code Execution Attacks July 17, 2019
In our analysis, we observed that a user account with less privilege can gain administrator rights over the automation server if jobs are built on the master machine (i.e., the main Jenkins server), a setup enabled by default. An exploit for this can be easily written using shell spawn — a default build step. If […]
SLUB Gets Rid of GitHub, Intensifies Slack Use July 16, 2019
We discovered a new version of SLUB delivered via another unique watering hole website. This malicious site used CVE-2019-0752, an Internet Explorer vulnerability discovered by Trend Micro’s Zero Day Initiative (ZDI) that was just patched this April. This is the first time we found this exploit used in the wild. This new version of the […]
iOS URL Scheme Susceptible to Hijacking July 12, 2019
Abuse of the iOS URL Scheme can potentially result in the loss of privacy, bill fraud, exposure to pop-up ads, and more. The post iOS URL Scheme Susceptible to Hijacking appeared first on .
New Miori Variant Uses Unique Protocol to Communicate with C&C July 10, 2019
Miori has recently reappeared bearing a notable difference in the way it communicates with its C&C server. This Miori variant departs from the usual binary-based protocol and uses a text-based protocol to communicate with its C&C. The post New Miori Variant Uses Unique Protocol to Communicate with C&C appeared first on .
July’s Patch Tuesday Fixes Critical Flaws in Microsoft Edge and Internet Explorer, Including 2 Exploited Vulnerabilities July 9, 2019
Critical patches covered in the release include fixes for Windows DHCP Server, Azure DevOps Server and Team Foundation Server, and .NET Framework, namely assigned as CVE-2019-0785, CVE-2019-1072, and CVE-2019-1113. Elevation of privilege vulnerabilities in Microsoft splwow64 (CVE-2019-0880) and Win32k (CVE-2019-1132), which were reported as being exploited, have also been patched. The post July’s Patch Tuesday […]
Powload Loads Up on Evasion Techniques July 9, 2019
By sifting through six months’ worth of data (Jan-Jun 2019) covering over 50,000 samples from the Trend Micro™ Smart Protection Network™ infrastructure, we managed to gain insight into how Powload has incorporated new techniques to increase its effectiveness, especially in its ability to hide from detection. The post Powload Loads Up on Evasion Techniques appeared […]
Anubis Android Malware Returns with Over 17,000 Samples July 8, 2019
The 2018 mobile threat landscape had banking trojans that diversified their tactics and techniques to evade detection and further monetize their malware — and in the case of the Anubis Android malware, retooled for other malicious activities. Anubis underwent several changes since it first emerged, from being used for cyberespionage to being retooled as a […]
Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi July 4, 2019
Since our last research on TA505, we have observed new activity from the group that involves campaigns targeting different countries over the last few weeks. We found them targeting countries in the Middle East such as United Arab Emirates and Saudi Arabia, as well as other countries such as India, Japan, Argentina, the Philippines, and […]
A Quick and Efficient Method For Locating the main() function of Linux ELF Malware Variants July 2, 2019
In the past few years, Linux systems have been susceptible to attacks involving ransomware, cryptocurrency miners, botnets and other types of malware. The successful deployment of the said attacks refutes an old notion that machines and devices that run Linux are less likely to be affected by malware. To come up with effective countermeasures, we […]
Adware Campaign Identified From 182 Game and Camera Apps on Google Play and Third-Party Stores Like 9Apps July 1, 2019
We recently observed an active adware campaign (detected by Trend Micro as AndroidOS_HiddenAd.HRXAA and AndroidOS_HiddenAd.GCLA) concealed in free-to-download 182 game and camera apps, majority of which were found on the Google Play Store and collectively had millions of downloads. The post Adware Campaign Identified From 182 Game and Camera Apps on Google Play and Third-Party […]