Top IT Security Bloggers

TrendLabs - Malware Blog
  • Our New Blog

    Security Intelligence Blog has a new home! Our new site is https://www.trendmicro.com/en_us/research.html. Read new threat discoveries, relevant perspectives on security incidents and attacks, and the latest news happening in the cybersecurity space. See you there!
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications

    In this blog, we will discuss the security pitfalls that developers might face when shifting to gRPC and implementing gRPC in their projects. Because secure gRPC APIs play a pivotal role in overall application security, we provide recommendations on how to protect gRPC implementations from threats and mitigate risks.
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

    We have discovered an unusual infection related to Xcode developer projects. Upon further investigation, we discovered that a developer’s Xcode project at large contained the source malware, which leads to a rabbit hole of malicious payloads. Most notable in our investigation is the discovery of two zero-day exploits: one is used to bypass the System Integrity Protection (SIP) read feature on macOS, another is used to abuse the development version of Safari.
  • August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild

    The August batch of Patch Tuesday updates includes 120 updates for the Microsoft suite, with 17 fixes rated as Critical, and the remaining 103 ranked as Important.
  • Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts

    A series of ongoing business email compromise (BEC) campaigns that uses spear-phishing schemes on Office 365 accounts has been seen targeting business executives of over 1,000 companies across the world since March 2020. The recent campaigns target senior positions in the United States and Canada.
    The fraudsters, whom we named “Water Nue,” primarily target accounts of financial executives to obtain credentials for further financial fraud. The phishing emails redirect users to fake Office 365 login pages. Once the credentials are obtained and accounts are successfully compromised, emails containing invoice documents with tampered banking information are sent to subordinates in an attempt to siphon money through fund transfer requests.
  • Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902

    We found an internet of things (IoT) Mirai botnet downloader exploiting CVE-2020-5902 in the wild, two weeks after the vulnerability got a 10 out of 10 CVSS rating in its disclosure. Our analysis of the said variant shows that it can also abuse nine other recently discovered security bugs in other devices.
  • Ensiko: A Webshell With Ransomware Capabilities

    Ensiko is a PHP web shell with ransomware capabilities that targets various platforms such as Linux, Windows, macOS, or any other platform that has PHP installed. The malware has the capability to remotely control the system and accept commands to perform malicious activities on the infected machine.
  • Updates on ThiefQuest, the Quickly-Evolving macOS Malware

    By Steven Du, Gabrielle Mabutas, and Luis Magisa
    Right as July of this year began, we noticed an emerging malware dubbed by most as ThiefQuest (also known as EvilQuest), a threat that targets macOS devices, encrypts files, and installs keyloggers in affected systems. It has been found in pirated versions of macOS shared on popular...
  • Patch Tuesday: Fixes for ‘Wormable’ Windows DNS Server RCE, SharePoint Flaws

    The July update issues 123 patches, including fixes in RemoteFX vGPU, Microsoft Office, Microsoft Windows, OneDrive, and Jet Database Engine. The patches address 18 vulnerabilities rated Critical and 105 that were rated Important in severity.
  • New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173

    We discovered a new Mirai variant that exploits nine vulnerabilities, the most notable of which is CVE-2020-10173 in Comtrend VR-3033 routers, which we have not observed being exploited by past Mirai variants.