Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2014
    S M T W T F S
    « Oct    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Exploits’ Category



    Sep26
    1:21 am (UTC-7)   |    by

    In the immediate aftermath of the Bash vulnerability known as Shellshock, we have already seen some attacks using it to deliver DDoS malware onto Linux systems. However, given the severity of this vulnerability, it is almost certain that we will see bigger, severer attacks. What are some of the scenarios we could potentially see? Servers Web servers are currently at the highest risk of being exploited. CGI scripting is, at this time, the most reliable and best documented way of exploiting this vulnerability. As our earlier entry ...

    Posted in Exploits, Vulnerabilities | Comments Off



    Just several hours after the news on the bash vulnerability (covered under CVE-2014-7169) broke out, it was reportedly being exploited in the wild already.  This vulnerability can allow execution of arbitrary code, thus compromising the security of systems. Some of the possible scenarios that attackers can do range from changing the contents of web server and website code to defacing the website to even stealing user data from databases, among others. We spotted samples which are the payload of the actual exploit ...




    Exploits are frequently used in targeted attacks to stealthily infect systems. These exploits do not have to target newly discovered or zero-day vulnerabilities; for example, CVE-2013-2551 (a vulnerability in Internet Explorer) is still being targeted in 2014. However, zero-day exploits are still a serious threat as these can catch all parties off-guard, including security vendors. Zero-days take advantage of this insecurity window to expose even diligent users and administrators to different threats. Research for Protection Our products contain technologies that help address these concerns. These include  browser ...

    Posted in Exploits, Vulnerabilities | Comments Off



    Exploit kits have long been part of a cybercriminal’s arsenal. One of the most notorious exploit kits in recent years is the Blackhole Exploit Kit. Coverage over this particular exploit kit reached a fevered pitch with the arrest of its author in 2013. The Blackhole Exploit Kit may have met its demise, but this hasn’t deterred cybercriminals from using other exploit kits for their schemes. In fact, other exploit kits are still in use, often with improvements or upgrades. An example ...




    The incidents that cropped up in the months of April to June 2014—from the data breaches, DDoS attacks, to malware improvements and threats to privacy—highlighted the need for enterprises to craft a more strategic response against and in anticipation of security threats. There were plenty of threats to be found in the quarter. There was the major vulnerability, Heartbleed, in the widely used cryptographic library OpenSSL. We saw both tech companies and restaurant chains fall victim to data breaches. We saw ...



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice