Categories
Uncategorized

Security Analysis of Devices That Support SCPI and VISA Protocols

By Philippe Lin, Roel Reyes, Shin Li, and Gloria Chen (Trend Micro Research) When a legacy protocol is connected via Ethernet, and subsequently to the internet, security issues arise. Standard Commands for Programmable Instruments (SCPI) is a legacy protocol that many advanced measurement instruments support. It can be issued via General Purpose Interface Bus (GPIB), […]

Categories
Uncategorized

This Week in Security News: Trend Micro Creates Factory Honeypot to Trap Malicious Attackers and Microsoft Leaves 250M Customer Service Records Open to the Web

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, dive into a research study that explores the risks associated with common cybersecurity vulnerabilities in a factory setting. Also, read about how misconfigured Microsoft cloud databases containing […]

Categories
Uncategorized

Defend Yourself Now and in the Future Against Mobile Malware

The world has gone mobile and the US is leading the way. It’s estimated that that the number of smartphone users alone topped 257 million in the States in 2018. That means three-quarters (74%) of households now boast at least one mobile device. And in this new digital world, it’s mobile applications that really matter. […]

Categories
Uncategorized

Don’t Let the Vulnera-Bullies Win. Use our free tool to see if you are patched against Vulnerability CVE-2020-0601

So much for a quiet January! By now you must have heard about the new Microsoft® vulnerability CVE-2020-0601, first disclosed by the NSA (making it the first Windows bug publicly attributed to the National Security Agency). This vulnerability is found in a cryptographic component that has a range of functions—an important one being the ability […]

Categories
Uncategorized

January Patch Tuesday: Update List Includes Fixes for Internet Explorer, Remote Desktop, Cryptographic Bugs

2020 starts off with a relatively heavy list of patches for Microsoft users. January is typically a light month for fixes, but Microsoft released patches for 49 vulnerabilities (eight of which are Critical and all the remaining classified as Important) in this cycle. None of these vulnerabilities are known to be under attack at this […]

Categories
Uncategorized

This Week in Security News: INTERPOL Collaboration Reduces Cryptojacking by 78% and Three Malicious Apps Found on Google Play May be Linked to SideWinder APT Group

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how Trend Micro’s collaboration with INTERPOL’s Global Complex for Innovation helped reduce cryptojacking by 78% in Southeast Asia. Also, read about three malicious apps in […]

Categories
Uncategorized

INTERPOL Collaboration Reduces Cryptojacking by 78%

Cybercriminals are often seen as having the upper hand over the “white hat” community. After all, they’re anonymous, can launch attacks from virtually anywhere in the world, and usually have the element of surprise. But there’s one secret weapon the good guys have: Collaboration. That’s why Trend Micro has always prioritized its partnerships with law […]

Categories
Uncategorized

The Summit of Cybersecurity Sits Among the Clouds

Trend Micro Apex One as a Service You have heard it before, but it needs to be said again—threats are constantly evolving and getting sneakier, more malicious, and harder to find than ever before. It’s a hard job to stay one step ahead of the latest threats and scams organizations come across, but it’s something […]

Categories
Uncategorized

First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group

by Ecular Xu and Joseph C Chen We found three malicious apps in the Google Play Store that work together to compromise a victim’s device and collect user information. One of these apps, called Camero, exploits CVE-2019-2215, a vulnerability that exists in Binder (the main Inter-Process Communication system in Android). This is the first known active […]

Categories
Uncategorized

Celebrating Decades of Success with Microsoft at the Security 20/20 Awards

Effective collaboration is key to the success of any organization. But perhaps none more so than those working towards the common goal of securing our connected world. That’s why Trend Micro has always been keen to reach out to industry partners in the security ecosystem, to help us collectively build a safer world and improve […]