On March 19 we wrote about how OpenSSL disclosed and fixed 13 vulnerabilities to address several security holes. Among the vulnerabilities addressed was CVE-2015-1787, which can result in a complete denial of service on an application compiled with OpenSSL library. This blog post will tackle how the bug can be exploited, and how Trend Micro can protect against future possible attacks. CVE-2015-17187…
Read MoreCurrently, we have been seeing an uptick in the number of denial-of-service attacks using DNS reflection or amplification. There are many variants, but the general outline of the attack is the same: An attacker creates a DNS query with a fake source IP address – that of the intended victim. (Consider this as being analogous…
Read More