• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Exploits

Drupal Vulnerability (CVE-2018-7602) Exploited to Deliver Monero-Mining Malware
  • Posted on:June 21, 2018 at 5:01 am
  • Posted in:Botnets, Exploits, Malware, Vulnerabilities
  • Author:
    Trend Micro
0

We were able to observe a series of network attacks exploiting CVE-2018-7602, a security flaw in the Drupal content management framework. For now, these attacks aim to turn affected systems into Monero-mining bots. Of note are its ways of hiding behind the Tor network to elude detection and how it checks the affected system first before infecting it with a cryptocurrency-mining malware. While these attacks currently deliver resource-stealing and system performance-slowing malware, the vulnerability can be used as a doorway to other threats.

Read More
Tags: cryptocurrency minerCVE-2018-7602drupalMonero

June Patch Tuesday: Microsoft Addresses DNS-related Vulnerability, Adobe Patches Critical Flash Player Flaw
  • Posted on:June 13, 2018 at 1:00 am
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Trend Micro
0

This month’s Patch Tuesday entry patched a number of critical vulnerabilities from Microsoft and Adobe, including a DNS-related vulnerability, CVE-2018-8225 and a critical Flash Player vulnerability, CVE-2018-5002.

Read More
Tags: AdobeMicrosoftpatchTuesday

Rig Exploit Kit Now Using CVE-2018-8174 to Deliver Monero Miner
  • Posted on:May 31, 2018 at 5:01 am
  • Posted in:Bad Sites, Exploits, Malware, Vulnerabilities
  • Author:
    Trend Micro
0

An exploit kit such as Rig usually starts off with a threat actor compromising a website to inject a malicious script/code that eventually redirects would-be victims to the exploit kit’s landing page. Sometime around February to March last year, however, we saw Rig’s Seamless campaign adding another layer or gate before the actual landing page.

Along with updates in code, we also observed Rig integrating a cryptocurrency-mining malware as its final payload. Based on the latest activities we’ve observed from Rig, they’re now also exploiting CVE-2018-8174, a remote code execution vulnerability patched in May and reported to be actively exploited. The exploit also appears to be from a recently disclosed proof of concept. The security flaw affects systems running Windows 7 and later operating systems, and the exploit works through Internet Explorer (IE) and Microsoft Office documents that use the vulnerable script engine.

Read More
Tags: cryptocurrency minerCVE-2018-4878Internet ExplorerMonerorig exploit kit

Microsoft Patch Tuesday for May Includes Updates for Actively-Exploited Vulnerabilities
  • Posted on:May 9, 2018 at 1:39 am
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Trend Micro
0

For May 2018, Microsoft’s monthly release of security updates — also known as Patch Tuesday — addressed a number of vulnerabilities, most notably two vulnerabilities that were already actively exploited in attacks.

Read More
Tags: MicrosoftPatch Tuesday

Microsoft’s April Patch Tuesday Fixes Remote Code Execution Vulnerabilities in Fonts and Keyboard
  • Posted on:April 11, 2018 at 2:58 am
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Trend Micro
0

Microsoft has rolled out its Patch Tuesday for April to address security issues in Internet Explorer (IE), Edge, ChakraCore, Visual Studio, Microsoft Office and Office Services and Web Apps, and Malware Protection Engine. Of the 67 listed vulnerabilities, 24 were rated critical. Eight of these were disclosed through Trend Micro’s ZDI program.

Read More
Tags: AdobeAppleMicrosoftPatch Tuesday
Page 1 of 6412 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Malicious Edge and Chrome Extension Used to Deliver Backdoor
  • Confucius Update: New Tools and Techniques, Further Connections with Patchwork
  • GPON Vulnerabilities Exploited for Mexico-based Mirai-like Scanning Activities
  • Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability
  • How Chat App Discord Is Abused by Cybercriminals to Attack ROBLOX Players

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.