• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Author / Trend Micro

VPNFilter-affected Devices Still Riddled with 19 Vulnerabilities
  • Posted on:July 13, 2018
  • Posted in:Internet of Things, Vulnerabilities
  • Posted by:
    Trend Micro
0

This blog tackles the recently ill-famed VPNFilter malware and if deployed devices are vulnerable to it. VPNFilter is a newly discovered, multi-stage malware (detected by Trend Micro as ELF_VPNFILT.A, ELF_VPNFILT.B, ELF_VPNFILT.C, and ELF_VPNFILT.D) that affects many models of connected devices. Based on our data from June 1 to July 12, plenty of the devices are still using old firmware versions. In fact, 19 known vulnerabilities, not only taken advantage of by VPNFilter but other malware as well, can still be detected in devices up to this day.

Read More
Tags: IOTMalwaresecurityVPNFiltervulnerability

July Patch Tuesday: Large Adobe Security Update and Patches for 18 Critical Microsoft Vulnerabilities
  • Posted on:July 10, 2018
  • Posted in:Exploits, Vulnerabilities
  • Posted by:
    Trend Micro
0

Patch Tuesday for July addresses 53 Microsoft and 107 Adobe vulnerabilities.

Read More
Tags: 2018JunePatch Tuesday

Down but Not Out: A Look Into Recent Exploit Kit Activities
  • Posted on:July 2, 2018
  • Posted in:Bad Sites, Exploits, Malware, Vulnerabilities
  • Posted by:
    Trend Micro
0

Exploit kits may be down, but they’re not out. While they’re still using the same techniques that involve malvertisements or embedding links in spam and malicious or compromised websites, their latest activities are making them significant factors in the threat landscape again. This is the case with Rig and GrandSoft, as well as the private exploit kit Magnitude — exploit kits we found roping in relatively recent vulnerabilities to deliver cryptocurrency-mining malware, ransomware, botnet loaders, and banking trojans.

Read More
Tags: CVE-2018-8174exploit kitsGrandSoft Exploit KitMagnitude exploit kitrig exploit kit

The New Face of Necurs: Noteworthy Changes to Necurs’ Behaviors
  • Posted on:June 28, 2018
  • Posted in:Botnets, Malware
  • Posted by:
    Trend Micro
0

by Anita Hsieh, Rubio Wu, Kawabata Kohei Six years after it was first spotted in the wild, the Necurs malware botnet is still out to prove that it’s a malware chameleon.  We recently discovered noteworthy changes to the way Necurs makes use of its bots, such as pushing infostealers on them and showing a special…

Read More
Tags: NECURS

Cryptocurrency-Mining Bot Targets Devices With Running SSH Service via Potential Scam Site
  • Posted on:June 26, 2018
  • Posted in:Internet of Things, Malware
  • Posted by:
    Trend Micro
0

Our honeypot sensors, which are designed to emulate Secure Shell (SSH), Telnet, and File Transfer Protocol (FTP) services, recently detected a mining bot related to the IP address 192.158.228.46. The address has been seen to search for both SSH- and IoT-related ports, including 22, 2222, and 502. In this particular attack, however, the IP has landed on port 22, SSH service. The attack could be applicable to all servers and connected devices with a running SSH service.

Read More
Tags: botcryptocurrencycybercrimeminingSSH
Page 1 of 7712 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Using Insights From DefPloreX-NG to Thwart Web Defacement Attacks
  • VPNFilter-affected Devices Still Riddled with 19 Vulnerabilities
  • North American Malware Trends: Taking a Proactive Approach to Modern Threats
  • Cryptocurrency-Mining Bot Targets Devices With Running SSH Service via Potential Scam Site
  • The New Face of Necurs: Noteworthy Changes to Necurs’ Behaviors

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.