• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   vulnerability

Microsoft Patches IE/Edge Zero-day Used in AdGholas Malvertising Campaign
  • Posted on:September 15, 2016 at 4:10 am
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Brooks Li (Threats Analyst) and Henry Li (Threats Analyst)
0
feature_vul

In July 2016, we worked with @kafeine of Proofpoint to help bring down the AdGholas malvertising campaign. This campaign started operating in 2015, which affected a million users per day during its peak before it was shut down earlier this year. It used the Angler and Neutrino exploit kits to attack victims. It also used steganography to hide malicious code within a picture.

In the process of working on this campaign, we found and analyzed an information disclosure vulnerability in both Internet Explorer and Microsoft Edge. We worked with Microsoft to address this flaw, named as CVE-2016-3351. Previously considered as a zero-day vulnerability, this issue was fixed in MS16-104 for Internet Explorer and MS16-105 for Edge, which was released though a patch earlier this week.

Read More
Tags: AdGholasCVE-2016-3351Internet Explorermalvertisingmicrosoft edgevulnerability

CVE-2016-6662 Advisory: Recent MySQL Code Execution/Privilege Escalation Zero-Day Vulnerability
  • Posted on:September 14, 2016 at 2:15 pm
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Trend Micro
0
feature_vul

Earlier this week, an independent researcher publicly disclosed a severe vulnerability in MySQL. This is a very popular open-source DBMS which is used by many organizations to manage their backend databases and websites. Proof of concept code was provided as part of the disclosure.

This particular vulnerability was designated as CVE-2016-6662, one of two serious flaws that the researcher found. This vulnerability allows an attacker to create the MySQL configuration file without having the privileges to do so, effectively taking over the server. The other assigned as CVE-2016-6663 has not yet been disclosed.

Read More
Tags: CVE-2016-6662My SQLvulnerability

ImageMagick Vulnerability Allows for Remote Code Execution, Now Patched
  • Posted on:May 6, 2016 at 6:50 am
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Sumit Soni (Vulnerability Research)
0
Vulnerability04

ImageMagick is a popular software suite that is used to display, convert, and edit images. On May 3, security researchers publicly disclosed multiple vulnerabilities in the open-source image processing tool in this suite, one of which could potentially allow remote attackers to take over websites.

Read More
Tags: CVE-2016-3714ImageMagickvulnerability

Adobe Releases Flash Security Update to Patch Exploited Vulnerability
  • Posted on:March 10, 2016 at 3:05 pm
  • Posted in:Vulnerabilities
  • Author:
    Paul Oliveria (Technical Communications)
0

Following its release of a security update for Acrobat and Reader, Adobe has released another one, this time to address 23 reported vulnerabilities in Flash. In its advisory (APSB16-08), Adobe notes that this patch addresses critical vulnerabilities that could allow an attack to gain control of an affected system. They further note that one of the vulnerabilities (CVE-2016-1010) “is being used in limited, targeted attacks.”

Read More
Tags: AdobeVulnerabilitiesvulnerability

Android Vulnerabilities Allow For Easy Root Access
  • Posted on:March 8, 2016 at 11:06 am
  • Posted in:Mobile, Vulnerabilities
  • Author:
    Wish Wu (Mobile Threat Response Engineer)
0

Qualcomm Snapdragon SoCs (systems on a chip) power a large percentage of smart devices in use today. The company’s own website notes that more than a billion devices use Snapdragon processors or modems. Unfortunately, many of these devices contain security flaws that could allow an attacker to gain root access. Gaining root access on a device is highly valuable; it allows the attacker access to various capabilities they would not have under normal circumstances.

Read More
Tags: androidvulnerability
Page 1 of 2112 › »

Business Email Compromise

  • How can a sophisticated email scam cause more than $2.3 billion in damages to businesses around the world?
    See the numbers behind BEC

Deep Web

  • Trend Micro researchers have been taking deep dives into cybercriminal territory for years now. Find out more about the inner workings of the Deep Web and underground markets.

Latest Ransomware Posts

  • The Rise and Fall of Encryptor RaaS
  • From RAR to JavaScript: Ransomware Figures in the Fluctuations of Email Attachments
  • A Show of (Brute) Force: Crysis Ransomware Found Targeting Australian and New Zealand Businesses
  • BkSoD by Ransomware: HDDCryptor Uses Commercial Tools to Encrypt Network Shares and Lock HDDs
  • Picture Perfect: CryLocker Ransomware Uploads User Information as PNG Files

Ransomware 101

  • This infographic shows how ransomware has evolved, how big the problem has become, and ways to avoid being a ransomware victim.
    Check the infographic

Popular Posts

  • Pokémon-themed Umbreon Linux Rootkit Hits x86, ARM Systems
  • New Version of Cerber Ransomware Distributed via Malvertising
  • CVE-2016-6662 Advisory: Recent MySQL Code Execution/Privilege Escalation Zero-Day Vulnerability
  • BkSoD by Ransomware: HDDCryptor Uses Commercial Tools to Encrypt Network Shares and Lock HDDs
  • Locky Ransomware Now Downloaded as Encrypted DLLs

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.