Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2014
    S M T W T F S
    « Aug    
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Vulnerabilities’ Category




    We have previously discussed about certain file locker apps that fail to hide files properly. We recently came across yet another file locker app, AppLock, which has the same issue. However, the vulnerability concerning this app goes beyond improperly hiding files—the vulnerability can allow other apps to manipulate the app’s configuration files. The configuration files include data such as the application’s preferences files, login passwords and emails, and even the Google Ad Publisher ID, which is used for Google AdSense accounts. Access ...

    Posted in Mobile, Vulnerabilities |



    For this month’s patch Tuesday, Microsoft released four security bulletins, addressing flaws found in Internet Explorer, Microsoft .NET Framework, Microsoft Windows, and Microsoft Lync server.  One bulletin is rated as ‘Critical’ while the rest are tagged as ‘Important’. One of the notable bulletins in this month’s cycle is MS14-052, which addresses thirty-six vulnerabilities found in Internet Explorer. IE 6 to 11 are affected by these vulnerabilities. MS14-053 resolves issues found in the Microsoft .NET Framework that could allow denial of service once exploited ...

    Posted in Vulnerabilities |



    Our friends at the ShadowServer Foundation are now scanning for the Netcore/Netis router backdoor which we found in August.  Their findings are in line with what we published then: that the vast majority of those affected in China, with more than a million scanned IP addresses currently affected by this threat. The devices at these IP addresses are vulnerable to being taken over by attackers due to an open port on the external side of the router; accessing this port and entering a fixed password ...




    In the past couple of weeks, the effectiveness of PGP as a way to encrypt the emails of users has been a subject of much debate. This latest round was kicked off by Matthew Green, a professor of cryptography at Johns Hopkins University, who criticized PGP primarily for flaws in key management and for its lack of forward secrecy. It's very important for the industry, as a whole, to get encryption right. It's fundamental to securing online lives in the 21st century. ...

    Posted in Vulnerabilities |



    The first half of this year has been quite eventful for the mobile threat landscape. Sure, we had an idea the state of affairs from 2013 would continue on to this year, but we didn't know just to what extent. From ballooning mobile malware/high risk app numbers to vulnerabilities upon vulnerabilities, let's recap just what happened in the past six months and see if we can learn anything from them for the six months ahead. So, what did happen in the ...

    Posted in Mobile, Vulnerabilities |


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice