    TrendLabs Security Intelligence Blog

    Archive for the ‘Vulnerabilities’ Category




    Microsoft has announced the discovery of a zero-day vulnerability affecting all supported versions of Microsoft Windows and Windows Server 2008 and 2012. Reports are also coming in that this specific vulnerability has been exploited and used in attacks against the North Atlantic Treaty Organization (NATO) and several European industries and sectors. According to reports, this vulnerability (CVE-2014-4114) was exploited as part of a cyber-espionage campaign by attackers dubbed the “Sandworm Team.” This particular vulnerability has allegedly been in use since ...




    The Bash vulnerability known as Shellshock can be exploited via several attack surfaces including web applications, DHCP, SIP, and SMTP. With multiple proofs of concept (including Metasploit code) available in the public domain, this vulnerability is being heavily exploited. Most discussion of Shellshock attacks has focused on attacks on web apps. There has been relatively little discussion of other surfaces like DHCP, SMTP, and CUPS. In this post, we’ll tackle Shellshock exploits over the DHCP protocol. These techniques could be used by an ...

    Posted in Exploits, Vulnerabilities |



    Since the discovery of Shellshock, Trend Micro has continuously monitored the threat landscape for any attacks that may leverage these vulnerabilities. So far, we have identified an active IRC bot, exploit attempts in Brazil and China, botnet attacks, and a wide variety of malware payloads such as ELF_BASHLITE.A, ELF_BASHLET.A, and PERL_SHELLBOT.WZ among others. It is reported that other vulnerable protocols like HTTP, SMTP, SSH, and FTP are also affected by Shellshock. We found that one of the payloads of Bash vulnerabilities, which we ...




    Late last month, we reported on a backdoor vulnerability that we discovered in Netcore/Netis brand routers, a backdoor that made any network attached to a router of the same brand vulnerable to online infiltration and man-in-the-middle attacks. We also reported on how our friends at the ShadowServer Foundation have been kind enough to scan for IP addresses affected by this vulnerability, with their findings readily available in website form. At the time, the number of affected IP addresses was more than ...

    Posted in Bad Sites, Vulnerabilities |



    Since the discovery of the initial Shellshock vulnerability and multiple reports of it being exploited in the wild, more vulnerabilities have been found in Bash. This was not unexpected. After the initial disclosure of Heartbleed, other vulnerabilities were found in OpenSSL. This pattern is repeating itself with Shellshock and Bash. Summary of Shellshock: Currently, six CVEs have been assigned that are related to Shellshock. The remotely exploitable attacks are related to a known feature of the Bash shell: it is possible to ...

    Posted in Exploits, Vulnerabilities |


     

    © Copyright 2013 Trend Micro Inc. All rights reserved.