CVE-2019-16928: Exploiting an Exim Vulnerability via EHLO Strings
by Ashish Verma In September, security researchers from the QAX-A-Team discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS)…
Month: October 2019
Tackling the BEC Epidemic in a New Partnership with INTERPOL
In just a few short years, Business Email Compromise (BEC) has gone from a peripheral threat to a major cyber risk for organizations. It’s making criminal gangs millions of dollars each month, hitting corporate profits and reputation in the process. Trend Micro has built a formidable array of resources over the past few years to…
FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops
We discovered that the online credit card skimming attack known as Magecart or E-Skimming was actively operating on 3,126 online shops. Our data shows that the attack started on September 7, 2019. All of the impacted online shops are hosted on the cloud platform of the e-commerce service provider “Volusion,” one of the top e-commerce…
What’s So Strategic About the Trend Micro and Snyk Partnership?
What does a partnership between Trend Micro and Snyk mean for you, the customer? Can you really develop and deploy applications anywhere without security slowing you down? Greg Young, VP of Cybersecurity for Trend Micro, explains how the partnership benefits Trend Micro and gives our customers an extra edge in their security platform.
Short October Patch Tuesday Includes Remote Desktop Client, Browser, and Authentication Patches
October’s Patch Tuesday is relatively modest, with Microsoft releasing a total of 59 patches. However, this shorter list still warrants attention. Nine of the 59 were still identified as Critical, while the remaining 50 were labeled Important. Most of the critical bulletins were for various Internet Explorer and Microsoft Edge vulnerabilities, with one covering a…
Decrypting What Zero Trust Is, And What It Likely Isn’t
It’s always an indicator of confusion when instead of hearing “I want Q” I’m asked “what is Q?”. In this case the ‘Q’ is Zero Trust. I’ll try and give my best take on what I understand Zero Trust to be. History Repeats Let’s start with the background. Quite a while back the Jericho Forum…
In Identity Theft the Target is You!
The hard truth is that identity data is the new gold—and criminal panhandlers are mining it for sale and distribution on the Dark Web. Indeed, the internet provides ways for big data breaches to result in disastrous leaks of huge databases of personal information, resulting in detailed profiles of individuals—based on their internet behaviors, including…
New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign
By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We found a new modular fileless botnet malware, which we named “Novter,” (also reported and known as “Nodersok” and “Divergent”) that the KovCoreG campaign has been distributing since March. We’ve been actively monitoring this threat since its emergence and early development, and saw it being frequently…