• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Author / JJ Reyes (Advanced Threats Researcher)

Joseph Reyes

Advanced Threats Researcher

New Adobe Zero-Day Exploit

  • Posted on:October 9, 2009
  • Posted in:Exploits, Malware, Vulnerabilities
  • Posted by:
    JJ Reyes (Advanced Threats Researcher)
25

Trend Micro threat analysts were alerted to the discovery of a zero-day exploit that affects Adobe Reader and Acrobat 9.1.3 and earlier versions (CVE-2009-3459). Trend Micro detects this as TROJ_PIDIEF.UO. This .PDF file contains an embedded JavaScript, which Trend Micro detects as JS_AGENTT.DT. This JavaScript is used to execute arbitrary codes in a technique known…

Read More

Adobe Acrobat/Reader getIcon() Vuln Exploit in the Wild

  • Posted on:April 9, 2009
  • Posted in:Vulnerabilities
  • Posted by:
    JJ Reyes (Advanced Threats Researcher)
5

Cyber criminals have now updated their PDF exploits to include the getIcon() vulnerability (CVE-2009-0927). We currently detect this as TROJ_PIDIEF.OE. As usual, we highly encourage users to update now to the latest versions of Adobe Acrobat and Adobe Reader (if you haven’t yet). Reading the security advisory by Adobe closely, we see that this issue…

Read More
Tags: adobe acrobatadobe readerCVE-2009-092Exploit

YAEE

  • Posted on:June 21, 2006
  • Posted in:Bad Sites
  • Posted by:
    JJ Reyes (Advanced Threats Researcher)
0

Or ‘Yet Another Excel Exploit’. A post was made yesterday to Full-Disclosure on a(nother) 0-day for Excel. And yes, code execution is possible. This time, a user needs to open the file and click on a (specially-crafted, a buzzword nowadays)link specified inside the file to trigger the exploit. Same safety-precautions apply when a 0-day is…

Read More

0-day MS Word used in targetted attack

  • Posted on:May 19, 2006
  • Posted in:Bad Sites
  • Posted by:
    JJ Reyes (Advanced Threats Researcher)
0

According to Internet Storm Center (ISC), a 0-day in MS word was used in a targetted attack against a certain company. We’ve also received a customer inquiry, and yes, we are aware of it.I’ve sent out a request for the sample, and hopefully, we’ll have it by today.Update(Jovs, 20 May 2006 00:48:01)We have just acquired…

Read More

“An Open Letter to Security Vendors”

  • Posted on:April 24, 2006
  • Posted in:Bad Sites
  • Posted by:
    JJ Reyes (Advanced Threats Researcher)
0

Yes, obviously a copy-pasted title, and this one is from PC Magazine. To summarize, the author discusses how and what Security Vendors should do in order to keep Microsoft at bay (coming from an end-user, that is). And oh, a quote: “Trend Micro has all the right tools in the box, but its antispyware component…

Read More
Page 1 of 1012 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.