web analytics

There is a Skills Shortage, But it isn’t Your Real Problem

During my undergraduate days, I recall hearing that the Bell System was slow to deploy automated dialing. While smaller local phone companies allowed callers to dial a number directly from their phone, the Bell system continues to rely on switchboard operators into the 1930s. In fact, early phones did not have numbers to dial at… Continue reading There is a Skills Shortage, But it isn’t Your Real Problem

More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting

By Feike Hacquebord, Cedric Pernet, and Kenney Lu The threat group regularly referred to as APT33 is known to target the oil and aviation industries aggressively. This threat group has been reported on consistently for years, but our recent findings show that the group has been using about a dozen live Command and Control (C&C)… Continue reading More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting

Microsoft November 2019 Patch Tuesday Reveals 74 Patches Before Major Windows Update

Following the relatively light list from last month, November proved to be a much more eventful month for Microsoft users. The November Patch Tuesday holds more fixes with a total of 74 patches, 13 of which were classified as Critical patches for remote code execution (RCE) vulnerabilities. The remaining majority were rated as Important and… Continue reading Microsoft November 2019 Patch Tuesday Reveals 74 Patches Before Major Windows Update

This Week in Security News: Amazon Echo Hacked at Pwn2Own Tokyo 2019 and Ransomware Attacks Hit Spanish Companies

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a ransomware that is attacking Spanish companies and how nearly 50 adware apps were found on Google Play. Also, read about how an Amazon Echo… Continue reading This Week in Security News: Amazon Echo Hacked at Pwn2Own Tokyo 2019 and Ransomware Attacks Hit Spanish Companies

49 Disguised Adware Apps With Optimized Evasion Features Found on Google Play

By Jessie Huang We recently found 49 new adware apps on Google Play, disguised as games and stylized cameras. These apps are typical adware, hiding themselves within mobile devices to show ads and deploying anti-uninstall and evasion functions. These apps are no longer live but before they were taken down by Google, the total number… Continue reading 49 Disguised Adware Apps With Optimized Evasion Features Found on Google Play

Trend Micro Discloses Insider Threat Impacting Some of its Consumer Customers

We recently became aware of a security incident that resulted in the unauthorized disclosure of some personal data of an isolated number of customers of our consumer product.  We immediately started investigating the situation and found that this was the result of a malicious insider threat. The suspect was a Trend Micro employee who improperly accessed the data with a clear criminal intent.   We immediately began taking the actions necessary… Continue reading Trend Micro Discloses Insider Threat Impacting Some of its Consumer Customers

New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

By Elliot Cao, Joseph C. Chen, William Gamazo Sanchez We discovered a new exploit kit named Capesand in October 2019. Capesand attempts to exploit recent vulnerabilities in Adobe Flash and Microsoft Internet Explorer (IE). Based on our investigation, it also exploits a 2015 vulnerability for IE. It seems the cybercriminals behind the exploit kit are… Continue reading New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

Tips to Accelerating PCI Data Security Standard Projects with Deep Security as a Service

Does your organization need to meet PCI DSS requirements? Are you struggling with multiple security tools? Or stretching your already overstretched team to prepare for an audit? Time to hit the accelerator with Trend Micro! If your applications deal with credit or payment card data, you need to go through a long and cumbersome certification… Continue reading Tips to Accelerating PCI Data Security Standard Projects with Deep Security as a Service

This Week in Security News: Pwn2Own Adds Industrial Control Systems to Hacking Contest and Cyber Crooks Target ESports

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Among news from this week, learn about Pwn2Own’s new hacking contest that will take place in Miami next year. Also, as October was Cybersecurity Awareness Month, read about best… Continue reading This Week in Security News: Pwn2Own Adds Industrial Control Systems to Hacking Contest and Cyber Crooks Target ESports