• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Current News   »   This Week in Security News

This Week in Security News

  • Posted on:July 31, 2015
  • Posted in:Current News
  • Posted by:
    Gavin Donovan
0

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!

 

The Show Goes On—More “Stagefright” Horrors with Auto-Play Videos

Our researchers have now disclosed additional details about one of the vulnerabilities (CVE-2015-3824) in the so-called “Stagefright” cluster affecting Android users. The “Stagefright” vulnerability is actually a marketing label for a cluster seven individual vulnerabilities.

Today’s Russian Underground has Automized Infrastructure and Sophisticated Tools

Our research paper offers a look into a mature ecosystem with an increasingly professional underground infrastructure for the sale and trade of malicious goods and services. It also discusses the growing competition, process automation, the introduction of new attack avenues, and its community’s underground activities.

Compromised TV and Government-Related Sites Lead to PoisonIvy

A recent campaign compromised Taiwan and Hong Kong sites to deliver Flash exploits related to Hacking Team and eventually download PoisonIvy and other payloads in user systems. This campaign started on July 9, a few days after the Hacking Team announced it was hacked.

We Discovered a Vulnerability That Renders Android Devices Silent

We have discovered a vulnerability in Android that can render a phone apparently dead – silent, unable to make calls, with a lifeless screen. This vulnerability is present from Android 4.3 (Jelly Bean) up to the current version, Android 5.1.1 (Lollipop).

Windows 10’s New Browser Microsoft Edge is Improved, but also Brings New Risks

Last week we discussed how Microsoft Edge, the new browser in Windows 10, represented a significant increase in the security over Internet Explorer. However, there are also new potential threat vectors that aren’t present in older versions.

The Government is Headed Back to the Drawing Board over Controversial Cybersecurity Export Rules

The cybersecurity industry and the government have been struggling over proposed export rules that researchers say could end up making the Internet less safe. And now the government says it will try again and give the public another chance to weigh in.

Know the 4 Takeaways from Ponemon’s 2015 Healthcare Security Report

A shockingly high 91% of respondents reported falling victim to at least one data breach in the last 2 years. The majority of respondents had suffered 11 or more incidents. Healthcare IT teams understand that these percentages are unacceptable, but until now have largely failed to effectively mitigate data breach threats.

The FBI is Facing Challenges with its Cybersecurity Program

A government watchdog has discovered several roadblocks preventing the FBI from fully implementing a cybersecurity initiative aimed at thwarting threats to the United States. 

Cybersecurity Worries Among Executives Have Risen Sharply, According to New Survey

Of the executives surveyed from U.S. companies, law enforcement, government agencies, other organizations and other security experts, 75% said they were more concerned about cybersecurity threats this year than in the past 12 months.

Cybersecurity Research Institute Receives $1.73B in DOD Funding

The Defense Department announced Monday that it has renewed its contract with the Software Engineering Institute at Carnegie Mellon University, a federally funded research and development center chartered to study cybersecurity and software engineering.

Please add your thoughts in the comments below or follow me on Twitter; @GavinDonovan.

Related posts:

  1. This Week in Security News
  2. This Week in Security News
  3. This Week in Security News: Risky Radio Remotes and Cybercrime
  4. This Week in Security News

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.