• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
The New Norm: Trend Micro Security Predictions for 2020

The New Norm: Trend Micro Security Predictions for 2020

Our security predictions for 2020 reflect our experts’ opinions and insights on current and emerging threats and technologies. Our report paints a picture of a possible future landscape driven by technological advances and evolved threats to enable enterprises to make informed decisions on their cybersecurity posture in 2020 and beyond. The future looks complex, exposed, and misconfigured — but it is also defensible.

Read more

Why Running a Privileged Container in Docker Is a Bad Idea

Why Running a Privileged Container in Docker Is a Bad Idea

In this blog post, we will explore how running a privileged yet unsecure container may allow cybercriminals to gain a backdoor in an organization’s system.

Read more

A MyKings Retrospective: Using the MITRE ATT&CK Matrix for Increased Visibility

A MyKings Retrospective: Using the MITRE ATT&CK Matrix for Increased Visibility

We take a closer look at an incident involving the MyKings botnet to show how the MITRE ATT

Read more

Drilling Deep: A Look at Cyberattacks on the Oil and Gas Industry

Drilling Deep: A Look at Cyberattacks on the Oil and Gas Industry

We break down the digital attacks against the oil and gas industry and its supply chain.

Read more

Fake Company, Real Threats: Logs From a Smart Factory Honeypot

Fake Company, Real Threats: Logs From a Smart Factory Honeypot

To determine threat actors’ degree of knowledge in compromising a smart factory, we deployed our most elaborate honeypot to date. The incidents we observed show the kinds of attacks that can easily affect poorly secured manufacturing environments.

Read more

Operation Poisoned News: Hong Kong Users Targeted With Mobile Malware via Local News Links
  • Posted on:March 24, 2020 at 5:01 am
  • Posted in:Malware, Mobile
  • Author:
    Trend Micro
0

A recently discovered watering hole attack has been targeting iOS users in Hong Kong. The campaign uses links posted on multiple forums that supposedly lead to various news stories. While these links lead users to the actual news sites, they also use a hidden iframe to load and execute malicious code. The malicious code contains exploits that target vulnerabilities present in iOS 12.1 and 12.2. Users that click on these links with at-risk devices will download a new iOS malware variant, which we have called lightSpy.

Read More
Tags: androiddmsSpyiOSlightSpyOperation Poisoned News

OpenSMTPD Vulnerability (CVE-2020-8794) Can Lead to Root Privilege Escalation and Remote Code Execution
  • Posted on:March 12, 2020 at 6:00 am
  • Posted in:Vulnerabilities
  • Author:
    Trend Micro
0

A root privilege escalation and remote execution vulnerability (designated as CVE-2020-8794) has been discovered in the free and open-source Unix Daemon, OpenSMTPD. The flaw originates from an out-of-bounds read, which attackers can take advantage of to execute arbitrary code on vulnerable systems.

Read More
Tags: CVE-2020-8794RCErootUnix Daemon

Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan
  • Posted on:March 11, 2020 at 6:00 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

We recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking credentials using a three-pronged attack. Based on our telemetry, Operation Overtrap has been active since April 2019 and has been solely targeting online banking users located in Japan.

Read More
Tags: banking malwarebanking TrojanBottle exploit kitBottleEKCinobiexploit kitOperation Overtrap

March Patch Tuesday: LNK, Microsoft Word Vulnerabilities Get Fixes, SMBv3 Patch Follows
  • Posted on:March 10, 2020 at 7:35 pm
  • Posted in:Vulnerabilities
  • Author:
    Trend Micro
0

Following the unexpectedly long list of fixes included in last month’s Patch Tuesday, March brings an even longer one, albeit less eventful. A total of 115 vulnerabilities were fixed, 26 of which were identified as Critical as they could lead to remote code execution (RCE). 88 were classified as Important and included patches for various Windows components such as Microsoft Office, Work Folders, and Network Connections Service. One final vulnerability was classified as Moderate. None of this month’s listed vulnerabilities were exploited in the wild before they were patched this month.

Read More
Tags: Patch Tuesday

Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)
  • Posted on:March 10, 2020 at 7:02 am
  • Posted in:Vulnerabilities
  • Author:
    Trend Micro
0

Apache Tomcat is a popular open-source Java servlet container, so the discovery of Ghostcat understandably set off some alarms. This blog entry seeks to put the most feared Ghostcat-related scenario into perspective by delving into the unlikely circumstances that would make it possible to allow an RCE through the vulnerability.

Read More
Tags: Apache Tomcatvulnerability
Page 1 of 79412 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File
  • Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware
  • Dissecting Geost: Exposing the Anatomy of the Android Trojan Targeting Russian Banks
  • February Patch Tuesday: Fixes for Critical LNK, RDP, Trident Vulnerabilities
  • Security Risks in Online Coding Platforms

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.