This Week in Security News: Cloud Risks and Container Vulnerability

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about this year’s current uses and emerging risks of the cloud. Also, find out what new vulnerability was found in containers. Read on:  Attacking Containers and … [Read more…]

Don’t Blame Employees who fall for a BEC scam!

The BBC reports that a media company based in Scotland is now suing a former employee who fell for a Business Email Compromise (BEC) scam. In the scam, the employee received emails which appeared to be from the managing director and requested wire transfers. The employee worked with her line manager on the first payment … [Read more…]

The Cloud in 2019: Current Uses and Emerging Risks

In the current tech landscape, one would be hard-pressed to find an organization that operates without the help of cloud environments and capabilities. From data storage and document sharing to enabling remote access and communication, the cloud represents the most critical linchpin of today’s IT-focused business processes. What’s more, the power of the cloud is … [Read more…]

February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server

It’s time to get security updates installed. Microsoft released 77 updates, along with three new advisories, in this month’s Patch Tuesday. The bulletin patches four publicly known bugs, rated Important, and one that is under active attack. It includes fixes for ChakraCore, Edge, Exchange Server, Internet Explorer (IE), Microsoft Windows, Office and Microsoft Office Services … [Read more…]

Attacking Containers and runC

This week a new vulnerability was published (CVE-2019-5736) that highlights everything bad and good about containers. Simply put, this vulnerability can be exploited using an infected container to attack the host. It’s a real world example of a breakout attack that has long been a major concern in virtualized and container environment. Here, the attack … [Read more…]

Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire

by Noel Anthony Llimos and Carl Maverick Pascual  In November 2018, we covered a Trickbot variant that came with a password-grabbing module, which allowed it to steal credentials from numerous applications. In January 2019, we saw Trickbot (detected as TrojanSpy.Win32.TRICKBOT.AZ and Trojan.Win32.MERETAM.AD) with new capabilities added to its already extensive bag of tricks. Its authors clearly … [Read more…]

Announcing Trend Micro Security for Microsoft Edge

Browsing the web securely with Microsoft Edge (the browser recommended by Microsoft for Windows 10 users and the default browser in Windows 10 S-mode) is a safer bet than ever before with Trend Micro Security for Microsoft Edge—a unique three-in-one browser extension that provides web threat protection, ad blocking, and password management, all in a … [Read more…]

Windows App Runs on Mac, Downloads Info Stealer and Adware

By Don Ladores and Luis Magisa EXE is the official executable file format used for Windows to signify that they only run on Windows platforms, and to serve as a security feature. By default, attempting to run an EXE file on a Mac or Linux OS will only show an error notification. However, we found … [Read more…]

This Week in Security News: Consumer Data and Malware

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn what security issues and critical threats will impact consumer data this year. Also, learn about a malicious Adobe app targeting macOS systems. Read on:  Keys to … [Read more…]