Infected Cryptocurrency-Mining Containers Target Docker Hosts With Exposed APIs, Use Shodan to Find Additional Victims
As part of our efforts to monitor malicious activity aimed at containers, we set up a machine that simulated a Docker host with an exposed API — one of the most common targets of container-based threats — to act as a honeypot. Our goal was to monitor the honeypot and detect if someone finds and…
Month: May 2019
CVE-2019-0725: An Analysis of Its Exploitability
by: John Simpson (Vulnerability Researcher)
May’s Patch Tuesday saw what is likely to be one of the most prominent vulnerabilities this year with the “wormable” Windows Terminal Services vulnerability (CVE-2019-0708). However, there’s another remote code execution (RCE) vulnerability that would be hard to ignore: CVE-2019-0725, an RCE vulnerability in Windows Dynamic Host Configuration Protocol (DHCP)…
This Week in Security News: Tax Scams and Spam Emails
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how criminals can use tax deadlines for social engineering schemes and redirection URLs in spam emails to sidestep spam filters. Read on: Beware Tax Scams and…
CVE-2019-11815: A Cautionary Tale About CVSS Scores
by John Simpson
Vulnerabilities in the Linux kernel are not uncommon. There are roughly 26 million lines of code, with 3,385,121 lines added and 2,512,040 lines removed in 2018 alone. The sheer complexity of that much code means that vulnerabilities are bound to exist. However, what is not at all common is the existence of…
New Mirai Variant Uses Multiple Exploits to Target Routers and Other Devices
By: Augusto Remillano II and Jakub Urbanec
We discovered a new variant of Mirai (detected as Backdoor.Linux.MIRAI.VWIPT) that uses a total of 13 different exploits, almost all of which have been used in previous Mirai-related attacks. Typical of Mirai variants, it has backdoor and distributed denial-of-service (DDoS) capabilities. However, this case stands out as the…
Keep Your Smart Home Safe: Here’s What You Can Do Today to Secure Your Products
The Internet of Things (IoT) is transforming the way we live, work and play. You can find it in the fitness trackers you might be wearing to monitor step count and heart rate. Or the car you may be driving. But more than anywhere else, you’ll see IoT at home in an increasing array of…
Celebrating the Next Generation of Technology Innovators
At Trend Micro, it’s our mission to secure the connected world. However, we want to go beyond the boundaries of the cybersecurity industry to support and learn from the technology innovators of tomorrow. That’s what our venture arm, Trend Forward Capital, is all about. As part of these efforts, we held a pitch-off competition this…
Trickbot Watch: Arrival via Redirection URL in Spam
by Miguel Ang (Threats Analyst)
We discovered a variant of the Trickbot banking trojan (detected by Trend Micro as TrojanSpy.Win32.TRICKBOT.THDEAI) using a redirection URL in a spam email. In this particular case, the variant used Google to redirect from the URL hxxps://google[.]dm:443/url?q=, whereby the URL in the query string, url?q=, is the malicious URL that…
This Week in Security News: Unsecured Servers and Vulnerable Processors
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about vulnerabilities that can allow hackers to retrieve data from CPUs and mine cryptocurrency. Read on: May’s Patch Tuesday Include Fixes for ‘Wormable’ Flaw in…
Why You Should Pick a Leader for Your Enterprise Email Security
Email is a mature technology, but threats targeting email are evolving and getting more sophisticated. 97% of ransomware attacks come from email. That’s why there are so many email security vendors and solutions in the market offering different types of technologies and coverages. Picking the best email security solution for an organization can be overwhelming.…