Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Vulnerabilities’ Category




    In the previous part of this post, we explained what the "smartification" of the home is, why people are adopting it, and looked into some of the factors that can influence how people choose to add home automation into their daily lives. What are some additional factors that influence whether smart devices are accepted into homes? Replacement of Existing Equipment As existing devices and appliances in the home need replacement, homeowners may choose to replace these with smart devices. Of course, users may ...

    Posted in Data, Social, Vulnerabilities |



    Over the past few years, there has been proliferation of intelligent connected devices introduced into homes across the globe. These devices can range from the familiar - such as tablets, smart phones, and smart TVs - to the less familiar, such as utility meters, locks, smoke and carbon monoxide detectors, motion detectors and scales. Other devices, like wearable technologies, or wearables, such as fitness and lifestyle monitoring devices, and smart glasses are making an entrance into our regular way of life. This effect, known as “smartification” ...

    Posted in Data, Social, Vulnerabilities |



    Two out of seven bulletins in today’s Microsoft Patch Tuesday are tagged as critical while the rest are marked as important. The critical bulletins addressed a number of vulnerabilities found existing in Microsoft Office and Internet Explorer, which when exploited could allow remote code execution, thus compromising the security of the systems. Perhaps the most interesting bulletin here is MS14-035, which resolves flaws in Internet Explorer versions 6 to 11, can be abused via a specially crafted web page and can possibly ...

    Posted in Vulnerabilities |



    OpenSSL has recently released six security updates addressing vulnerabilities found in OpenSSL. As of this writing, there is no reported exploit leveraging these vulnerabilities in the wild. The security patches cover the following vulnerabilities: SSL/TLS MITM vulnerability (CVE-2014-0224) DTLS recursion flaw (CVE-2014-0221) DTLS invalid fragment vulnerability (CVE-2014-0195) SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198) SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298) Anonymous ECDH denial of service (CVE-2014-3470) When SSL/TLS MITM vulnerability is exploited via man-in-the-middle attacks, it can allow remote attacker to change traffic from any vulnerable client ...

    Posted in Vulnerabilities |



    In the recent 2H-2013 Targeted Attack Roundup Report we noted that we have been seeing several targeted attack campaign-related attacks in Taiwan. We are currently monitoring a campaign that specifically targets government and administrative agencies in Taiwan. We are naming this specific campaign PLEAD because of the letters of the backdoor commands issued by the related malware. The point of entry for this campaign is through email. In the PLEAD campaign, threat actors use the RTLO (right to left override) technique in order ...



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice