So much for a quiet January! By now you must have heard about the new Microsoft® vulnerability CVE-2020-0601, first disclosed by the NSA (making it the first Windows bug publicly attributed to the National Security Agency). This vulnerability is found in a cryptographic component that has a range of functions—an important one being the ability…
Read More
Most organisations see supply chains as providers of physical goods and services. The supply chain management function in these companies usually provides the governance framework to reduce third-party risks and prevent hackers from stealing data, disrupting daily operations and affecting business continuity. But there’s another crucial part of this ecosystem which some organisations may be…
Read More
The threat landscape has changed often in the 22 years I’ve been working at Trend Micro and it will continue to change for many more years. We in cybersecurity are constantly at battle with hackers and threat actors who look to infect our customers using the many tactics available to them. Our job is to…
Read More
Drupal is the latest platform to issue an emergency patch for a critical vulnerability. The issue (CVE-2018-7600) allows an attacker to execute code remotely with little effort. That’s bad. The Drupal team has been quick to respond and has already issued a patch and a mitigation for users unable to immediately patch. In addition to…
Read MoreIn our 2016 security roundup report, A Record Year for Enterprise Threats, we talked about the vulnerability landscape during the year and what trends we saw. Let’s look at some of the key aspects of what we saw in 2016. 1. Trend Micro’s Zero Day Initiative (ZDI) with support of their 3,000+ independent vulnerability researchers,…
Read More
Just a day before Pwn2Own kicks off its 10th anniversary, join us in looking at the security updates released by Google, Adobe, VMWare, Firefox, and Microsoft for the month of March 2017. It’s shaping up to be the largest Patch Tuesday in history, which is fitting to coincide with the largest Pwn2Own ever. tl:dr –…
Read More
Over the last decade of Pwn2Own™ competitions, different people harbored different emotions towards the contest. It’s been referred to as a blood bath for browsers, although no actual blood has ever been spilt. It has helped launch people’s careers, or at the very least, it has helped increase their notoriety. It’s been accused of crushing…
Read More
Welcome to the first Trend Micro Zero Day Initiative (ZDI) monthly patch review blog. This month, we put additional context around the major security patches released from Microsoft and Adobe. As the crisp autumn air descends upon us, it is time again to take a look at the security patches released by Adobe and Microsoft…
Read More
I have been going to the same summer camp every year since I was about 5. Back then it was 4 single moms looking for a place to bring their kids for some outdoors fun and a hope that the kids would take part in an activity long enough to get through a chapter in…
Read More
Like most boys I liked to play with trucks when I was little. I would always go over to by buddy Jeremey’s house to play and one day he pulled out this red, white and blue truck. He was giddy about his truck after a few minutes of pushing it around he said “check this…
Read More
