Corporate Partners

Top IT Security Bloggers

TrendLabs - Malware Blog
  • Latest Flash Exploit in Angler EK Might Not Really Be CVE-2015-0359

    TrendLabs - Malware Blog
    We have found an interesting discrepancy in how the Angler exploit kit targets Adobe Flash. The Angler exploit kit is known for its use of various Adobe Flash Player exploits. Reports have indicated that Angler has started targeting CVE-2015-0359, a vulnerability that was fixed in Adobe’s April 2015 update. CVE-2015-0359 is a race condition vulnerability that occurs because ByteArray::Write is […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroLatest Flash Exploit in Angler EK Might Not Really Be CVE-2015-0359
  • IIS At Risk: The HTTP Protocol Stack Vulnerability

    TrendLabs - Malware Blog
    Unpatched versions of Microsoft’s Internet Information Services (IIS) web server are vulnerable to a remote denial of service attack that can prove to be very threatening if set against critical systems. The vulnerability, which was fixed by Microsoft in MS15-034 as part of the April 2015 Patch Tuesday cycle, can trigger the blue screen of death or more commonly known as […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroIIS At Risk: The HTTP Protocol Stack Vulnerability
  • Resurrection of the Living Dead: The “Redirect to SMB” Vulnerability

    TrendLabs - Malware Blog
    An 18-year-old vulnerability called Redirect to SMB has been resurrected with a new attack vector. This vulnerability can be used to redirect a victim to a malicious Server Message Block (SMB) server, without any direct action from the user except visiting a website. If the SMB security policy is not secure enough, the SMB client will try to make an authenticated […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroResurrection of the Living Dead: The “Redirect to SMB” Vulnerability
  • Without a Trace: Fileless Malware Spotted in the Wild

    TrendLabs - Malware Blog
    Improvements in security file scanners are causing malware authors to deviate from the traditional malware installation routine. It’s no longer enough for malware to rely on dropping copies of themselves to a location specified in the malware code and using persistence tactics like setting up an autostart feature to ensure that they continue to run. […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroWithout a Trace: Fileless Malware Spotted in the Wild
  • Fiesta Exploit Kit Spreading Crypto-Ransomware – Who Is Affected?

    TrendLabs - Malware Blog
    Exploits kits have long been used to deliver threats to users, but they seem to have gone retro: it was recently being used to deliver fake antivirus malware. We closely monitor exploit kit activity because of their widespread use (we discussed their use in malvertising recently), so it was no great surprise to see the Fiesta […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroFiesta Exploit Kit Spreading Crypto-Ransomware – Who Is Affected?
  • Operation Pawn Storm Ramps Up its Activities; Targets NATO, White House

    TrendLabs - Malware Blog
    Long-running APT campaign Operation Pawn Storm has begun the year with a bang, introducing new infrastructure and zeroing in on targets including North Atlantic Treaty Organization (NATO) members and even the White House. This is according to the latest intelligence gleaned from Trend Micro’s ongoing research into the attack group, and comes as a follow-up […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroOperation Pawn Storm Ramps Up its Activities; Targets NATO, White House
  • Denial of Service Attacks Possible with OpenSSL Vulnerability CVE-2015-1787

    TrendLabs - Malware Blog
    On March 19 we wrote about how OpenSSL disclosed and fixed 13 vulnerabilities to address several security holes. Among the vulnerabilities addressed was CVE-2015-1787, which can result in a complete denial of service on an application compiled with OpenSSL library. This blog post will tackle how the bug can be exploited, and how Trend Micro can protect against future possible attacks. CVE-2015-17187 […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroDenial of Service Attacks Possible with OpenSSL Vulnerability CVE-2015-1787
  • Behind Tax Fraud: A Profile of 3 IRS Scammers

    TrendLabs - Malware Blog
    Cybercriminals have been taking advantage of tax season for years. While we have seen tax seasons involving countries like Australia and the U.K., it appears that cybercriminals tend to heavily favor the use of Internal Revenue Service (IRS) scams, especially during the US tax season. Over the years, the attackers’ means may have evolved but their […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroBehind Tax Fraud: A Profile of 3 IRS Scammers
  • April 2015 Patch Tuesday Issues Updates to Microsoft Office

    TrendLabs - Malware Blog
    This month’s Patch Tuesday release appears moderately light compared with the previous month’s, with only 11 security bulletins with four rated ‘Critical’, while the rest are rated as ‘Important’. Microsoft addressed a total of 26 vulnerabilities this April. The critical security updates issued by Microsoft all deal with remote code execution (RCE) vulnerabilities. One of the […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroApril 2015 Patch Tuesday Issues Updates to Microsoft Office
  • How Targeted Attacks Changed in 2014

    TrendLabs - Malware Blog
    2014 was a year in which we saw further refinements in targeted attack methodologies. As more organizations upgraded to newer versions of Windows, we saw the increased use of 64-bit malware in several campaigns. Examples of 64-bit malware include HAVEX, a remote access Trojan (RAT) used in a campaign that targeted industrial control systems (ICS), and WIPALL, […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroHow Targeted Attacks Changed in 2014

Market Place