Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    October 2014
    S M T W T F S
    « Sep    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Exploits’ Category




    Just several hours after the news on the bash vulnerability (covered under CVE-2014-7169) broke out, it was reportedly being exploited in the wild already.  This vulnerability can allow execution of arbitrary code, thus compromising the security of systems. Some of the possible scenarios that attackers can do range from changing the contents of web server and website code to defacing the website to even stealing user data from databases, among others. We spotted samples which are the payload of the actual exploit ...




    Exploits are frequently used in targeted attacks to stealthily infect systems. These exploits do not have to target newly discovered or zero-day vulnerabilities; for example, CVE-2013-2551 (a vulnerability in Internet Explorer) is still being targeted in 2014. However, zero-day exploits are still a serious threat as these can catch all parties off-guard, including security vendors. Zero-days take advantage of this insecurity window to expose even diligent users and administrators to different threats. Research for Protection Our products contain technologies that help address these concerns. These include  browser ...

    Posted in Exploits, Vulnerabilities |



    Exploit kits have long been part of a cybercriminal’s arsenal. One of the most notorious exploit kits in recent years is the Blackhole Exploit Kit. Coverage over this particular exploit kit reached a fevered pitch with the arrest of its author in 2013. The Blackhole Exploit Kit may have met its demise, but this hasn’t deterred cybercriminals from using other exploit kits for their schemes. In fact, other exploit kits are still in use, often with improvements or upgrades. An example ...

    Posted in Exploits, Vulnerabilities |



    The incidents that cropped up in the months of April to June 2014—from the data breaches, DDoS attacks, to malware improvements and threats to privacy—highlighted the need for enterprises to craft a more strategic response against and in anticipation of security threats. There were plenty of threats to be found in the quarter. There was the major vulnerability, Heartbleed, in the widely used cryptographic library OpenSSL. We saw both tech companies and restaurant chains fall victim to data breaches. We saw ...




    At the tail end of July, we wrote about Gizmodo Brazil being compromised by cybercriminals in order to lead visitors into downloading backdoor malware into their machine. This is of course a very big deal, since it is a rather large and noteworthy website being hacked into - but it's par for the course for the region, seeing as the modus operandi of criminals that target Brazilian users typically resort to compromised websites and hosts in order to host malware and ...

    Posted in Bad Sites, Exploits, Vulnerabilities | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice