Categories
Anti-malware

Drupal Vulnerability (CVE-2019-6340) Can Be Exploited for Remote Code Execution

by Branden Lynch (Threats Analyst) The content management framework Drupal recently fixed a vulnerability (CVE-2019-6340) in their core software, identified as SA-CORE-2019-003. The flaw is categorized as highly critical, exposing vulnerable installations to unauthenticated remote code execution (RCE). The vulnerability affects a substantial portion of Drupal installations, since it impacts the widely installed RESTful Web […]

Categories
Anti-malware

Analyzing WordPress Remote Code Execution Vulnerabilities CVE-2019-8942 and CVE-2019-8943

by Suraj Sahu and Jayesh Patel (Vulnerability Researchers) With its open-source, feature-rich, and user-friendly content management system (CMS), WordPress powers nearly 33 percent of today’s websites. This popularity is also what makes them an obvious cybercriminal target. All it could take is a vulnerability to gain a foothold on a website’s sensitive data. This could […]

Categories
Anti-malware

Trend Micro Internet Security Wins a “Best Protection” Award for 2018 from AV-TEST

February 21, 2019. If the main criterion for judging the value of a security application is how well it protects your computer from web and email threats, malware and viruses, then both users and potential users of Trend Micro Internet Security will be happy to hear that the product has been given a “Best Protection” […]

Categories
Anti-malware

Trend Micro Antivirus for Mac 2019 is Certified by AV-TEST with Top Scores for Protection, Performance, and Usability

Current and potential users of the latest edition of Trend Micro Antivirus for Mac (v9.0, for 2019) will be pleased to know that it achieved MacOS Certification and top scores in all three categories in the recent AV-TEST Product Review and Certification Report – Dec/2018. Trend Micro Antivirus for Mac was tested against eight other […]

Categories
Anti-malware

A Game of Risk with Broadcasters, Cyber Felons and Dragons

Submitted by Steve Ng, Lead, Digital Platform Operations, Mediacorp Where there’s money, there has always been crime. But what if money came in the form of intangible digital assets and crime in the form of cyber adversaries? In fantasy role-playing game Dungeons & Dragons, dragons are intelligent, mythical foes defined by their fiery prowess – boasting […]

Categories
Anti-malware

Monero Miner-Malware Uses RADMIN, MIMIKATZ to Infect, Propagate via Vulnerability

By Don Ovid Ladores, Michael Jhon Ofiaza and Gilbert Sison Between the last week of January to February, we noticed an increase in hack tool installation attempts that dropped seemingly random files into the Windows directory. Initially appearing unrelated, analysis showed the final payload to be a Monero cryptocurrency-mining malware variant as it scans for […]

Categories
Anti-malware

This Week in Security News: Cloud Risks and Container Vulnerability

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about this year’s current uses and emerging risks of the cloud. Also, find out what new vulnerability was found in containers. Read on:  Attacking Containers and […]

Categories
Anti-malware

Don’t Blame Employees who fall for a BEC scam!

The BBC reports that a media company based in Scotland is now suing a former employee who fell for a Business Email Compromise (BEC) scam. In the scam, the employee received emails which appeared to be from the managing director and requested wire transfers. The employee worked with her line manager on the first payment […]

Categories
Anti-malware

The Cloud in 2019: Current Uses and Emerging Risks

In the current tech landscape, one would be hard-pressed to find an organization that operates without the help of cloud environments and capabilities. From data storage and document sharing to enabling remote access and communication, the cloud represents the most critical linchpin of today’s IT-focused business processes. What’s more, the power of the cloud is […]

Categories
Anti-malware

February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server

It’s time to get security updates installed. Microsoft released 77 updates, along with three new advisories, in this month’s Patch Tuesday. The bulletin patches four publicly known bugs, rated Important, and one that is under active attack. It includes fixes for ChakraCore, Edge, Exchange Server, Internet Explorer (IE), Microsoft Windows, Office and Microsoft Office Services […]