• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Current News   »   This Week in Security News: Trickbots and Infected Containers

This Week in Security News: Trickbots and Infected Containers

  • Posted on:May 31, 2019
  • Posted in:Current News, Security
  • Posted by:
    Jon Clay (Global Threat Communications)
0
week in security

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how a Trickbot attacked a school district’s networks and how infected cryptocurrency-mining containers target docker hosts with exposed APIs.

Read on:

Trickbot Attack Forces Ohio School District to Cancel Classes

A school district in Ohio suspended classes on Monday, May 20, because of a Trickbot attack on its network and computers.

 

The IoT Attack Surface: Threats and Security Solutions

Part of adopting the IoT is anticipating what else the technology brings to the environments it is being applied to — not least of which are security concerns that can give rise to successful attacks on IoT systems and devices.

Hacker Has Designs on Canva Data, Steals Info Belonging to 139M Users

The graphic design website Canva was hacked in a data theft incident, which exposed usernames, email addresses, encrypted passwords, customer names and more.

CVE-2019-0725: An Analysis of Its Exploitability

A remote code execution vulnerability from May’s Patch Tuesday is particularly hard to ignore: CVE-2019-0725, an RCE vulnerability in Windows Dynamic Host Configuration Protocol (DHCP) Server, which doesn’t require user interaction and affects all versions of Windows Server.

New Mirai Variant Uses Multiple Exploits to Target Routers and Other Devices

Trend Micro discovered a new variant of Mirai that uses a total of 13 different exploits in a single campaign – the first Mirai variant to do so – and has backdoor and distributed denial-of-service (DDoS) capabilities.

First American Hit with Class Action Lawsuit Over Massive Data Exposure

Insurance giant First American Financial is facing a class action lawsuit for negligence after it left more than 885 million sensitive documents dating as far back as 2003 exposed online. 

CVE-2019-11815: A Cautionary Tale About CVSS Scores

At first glance, the details for Linux kernel vulnerability CVE-2019-11815’s score from CVSS seem like a worst-case scenario but assessing a vulnerability’s potential impact goes beyond the attack vector, privileges, and CIA impact of the base score.

Flipboard Says Hackers Stole User Details

Flipboard, a news aggregator service and mobile news app, has started notifying users of a security incident during which hackers had access to internal systems for more than nine months.

Infected Cryptocurrency-Mining Containers Target Docker Hosts With Exposed APIs, Use Shodan to Find Additional Victims

By analyzing the logs and traffic data coming to and from a honeypot, Trend Micro found a container that came from a public and accessible Docker Hub repository named zoolu2 that contained images with the binary of a Monero cryptocurrency miner.

Nearly 1 Million Systems Affected By ‘Wormable’ BlueKeep Vulnerability (CVE-2019-0708)

Almost a million systems are reportedly vulnerable to BlueKeep, a critical vulnerability in remote desktop services, but Microsoft’s Patch Tuesday for May already rolled out patches for BlueKeep and security advisories were released to help users address the vulnerability.

Under GDPR, UK Data Breach Reports Quadruple

The United Kingdom has seen the number of data breach notifications more than quadruple since Europe’s GDPR privacy law went into full force a result of mandatory reporting driving better visibility

Where you surprised that a Trickbot attack could cause school districts to cancel classes? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

Related posts:

  1. This Week in Security News: Tax Scams and Spam Emails
  2. This Week in Security News: 5G Security and Tax Scams
  3. This Week in Security News: Cyberespionage Campaigns and Botnet Malware
  4. This Week in Security News: Fake Apps & Malicious Bots

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Detected Cyber Threats Rose 20% to Exceed 62.6 Billion in 2020
  • Trend Micro Recognized on CRN Security 100 List
  • Trend Micro Reports Solid Results for Q4 and Fiscal Year 2020
  • Connected Cars Technology Vulnerable to Cyber Attacks
  • Trend Micro Asks Students How Their Relationship to the Internet Has Changed During COVID-19
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.