by Branden Lynch (Threats Analyst) The content management framework Drupal recently fixed a vulnerability (CVE-2019-6340) in their core software, identified as SA-CORE-2019-003. The flaw is categorized as highly critical, exposing vulnerable installations to unauthenticated remote code execution (RCE). The vulnerability affects a substantial portion of Drupal installations, since it impacts the widely installed RESTful Web… Continue reading Drupal Vulnerability (CVE-2019-6340) Can Be Exploited for Remote Code Execution
Month: February 2019
Analyzing WordPress Remote Code Execution Vulnerabilities CVE-2019-8942 and CVE-2019-8943
by Suraj Sahu and Jayesh Patel (Vulnerability Researchers) With its open-source, feature-rich, and user-friendly content management system (CMS), WordPress powers nearly 33 percent of today’s websites. This popularity is also what makes them an obvious cybercriminal target. All it could take is a vulnerability to gain a foothold on a website’s sensitive data. This could… Continue reading Analyzing WordPress Remote Code Execution Vulnerabilities CVE-2019-8942 and CVE-2019-8943
Trend Micro Internet Security Wins a “Best Protection” Award for 2018 from AV-TEST
February 21, 2019. If the main criterion for judging the value of a security application is how well it protects your computer from web and email threats, malware and viruses, then both users and potential users of Trend Micro Internet Security will be happy to hear that the product has been given a “Best Protection”… Continue reading Trend Micro Internet Security Wins a “Best Protection” Award for 2018 from AV-TEST
Trend Micro Antivirus for Mac 2019 is Certified by AV-TEST with Top Scores for Protection, Performance, and Usability
Current and potential users of the latest edition of Trend Micro Antivirus for Mac (v9.0, for 2019) will be pleased to know that it achieved MacOS Certification and top scores in all three categories in the recent AV-TEST Product Review and Certification Report – Dec/2018. Trend Micro Antivirus for Mac was tested against eight other… Continue reading Trend Micro Antivirus for Mac 2019 is Certified by AV-TEST with Top Scores for Protection, Performance, and Usability
A Game of Risk with Broadcasters, Cyber Felons and Dragons
Submitted by Steve Ng, Lead, Digital Platform Operations, Mediacorp Where there’s money, there has always been crime. But what if money came in the form of intangible digital assets and crime in the form of cyber adversaries? In fantasy role-playing game Dungeons & Dragons, dragons are intelligent, mythical foes defined by their fiery prowess – boasting… Continue reading A Game of Risk with Broadcasters, Cyber Felons and Dragons
Monero Miner-Malware Uses RADMIN, MIMIKATZ to Infect, Propagate via Vulnerability
By Don Ovid Ladores, Michael Jhon Ofiaza and Gilbert Sison Between the last week of January to February, we noticed an increase in hack tool installation attempts that dropped seemingly random files into the Windows directory. Initially appearing unrelated, analysis showed the final payload to be a Monero cryptocurrency-mining malware variant as it scans for… Continue reading Monero Miner-Malware Uses RADMIN, MIMIKATZ to Infect, Propagate via Vulnerability
This Week in Security News: Cloud Risks and Container Vulnerability
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about this year’s current uses and emerging risks of the cloud. Also, find out what new vulnerability was found in containers. Read on: Attacking Containers and… Continue reading This Week in Security News: Cloud Risks and Container Vulnerability
Don’t Blame Employees who fall for a BEC scam!
The BBC reports that a media company based in Scotland is now suing a former employee who fell for a Business Email Compromise (BEC) scam. In the scam, the employee received emails which appeared to be from the managing director and requested wire transfers. The employee worked with her line manager on the first payment… Continue reading Don’t Blame Employees who fall for a BEC scam!
The Cloud in 2019: Current Uses and Emerging Risks
In the current tech landscape, one would be hard-pressed to find an organization that operates without the help of cloud environments and capabilities. From data storage and document sharing to enabling remote access and communication, the cloud represents the most critical linchpin of today’s IT-focused business processes. What’s more, the power of the cloud is… Continue reading The Cloud in 2019: Current Uses and Emerging Risks
February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server
It’s time to get security updates installed. Microsoft released 77 updates, along with three new advisories, in this month’s Patch Tuesday. The bulletin patches four publicly known bugs, rated Important, and one that is under active attack. It includes fixes for ChakraCore, Edge, Exchange Server, Internet Explorer (IE), Microsoft Windows, Office and Microsoft Office Services… Continue reading February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server