web analytics

Security Risks in Online Coding Platforms

By David Fiser (Senior Cyber Threat Researcher) Threat Modeling for Online Coding Platforms Before cloud integrated development environments (IDEs) became an option, you, i.e., the developer, typically need to download and/or install everything you need onto your own workstations. However, as DevOps gained traction and cloud computing usage grew, you can now also code online.… Continue reading Security Risks in Online Coding Platforms

This Week in Security News: Trend Micro Detects a 10 Percent Rise in Ransomware in 2019 and New Wi-Fi Encryption Vulnerability Affects Over a Billion Devices

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how Trend Micro detected a 10 percent rise in ransomware attacks in 2019. Also, learn about a new Wi-Fi encryption vulnerability affecting over a billion… Continue reading This Week in Security News: Trend Micro Detects a 10 Percent Rise in Ransomware in 2019 and New Wi-Fi Encryption Vulnerability Affects Over a Billion Devices

Hackers Expand Their Repertoire as Trend Micro Blocks 52 Billion Threats in 2019

Variety is welcome in most walks of life, but not when it comes to the threat landscape. Yet that is unfortunately the reality facing modern cybersecurity professionals. As Trend Micro’s 2019  roundup report reveals, hackers have an unprecedented array of tools, techniques and procedures at their disposal today. With 52 billion unique threats detected by… Continue reading Hackers Expand Their Repertoire as Trend Micro Blocks 52 Billion Threats in 2019

This Week in Security News: February 2020 Patch Tuesday Update and Misconfigured AWS S3 Bucket Leaks 36,000 Inmate Records

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the more than 140 February Patch Tuesday updates from Microsoft and Adobe. Also, read about how an unsecured and unencrypted Amazon Simple Storage Service (S3)… Continue reading This Week in Security News: February 2020 Patch Tuesday Update and Misconfigured AWS S3 Bucket Leaks 36,000 Inmate Records

LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File

(By Augusto Remillano II, Mohammed Malubay, and Arvin Roi Macaraeg, Threat Analysts) LokiBot, which has the ability to harvest sensitive data such as passwords as well as cryptocurrency information, proves that the actors behind it is invested in evolving the threat. In the past, we have seen a campaign that exploits a remote code execution… Continue reading LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File

An In-Depth Technical Analysis of CurveBall (CVE-2020-0601)

by: John Simpson (Vulnerability Researcher) The first Microsoft patch Tuesday of 2020 contained fixes for CVE-2020-0601, a vulnerability discovered by the United States’ National Security Agency (NSA) that affects how cryptographic certificates are verified by one of the core cryptography libraries in Windows that make up part of the CryptoAPI system. Dubbed CurveBall or “Chain… Continue reading An In-Depth Technical Analysis of CurveBall (CVE-2020-0601)

February Patch Tuesday: Fixes for Critical LNK, RDP, Trident Vulnerabilities

The first Patch Tuesday of 2020 in January brought an unusually long list of patches, but February brings an even wider range of fixes that address a total of 99 vulnerabilities — including 12 classified as Critical, with the remaining 99 deemed Important. Only five of the vulnerabilities were made public before the patches were… Continue reading February Patch Tuesday: Fixes for Critical LNK, RDP, Trident Vulnerabilities

Outlaw Updates Kit to Kill Older Miner Versions, Targets More Systems

By Jindrich Karasek (Threat Researcher) As we’ve observed with cybercriminal groups that aim to maximize profits for every campaign, silence doesn’t necessarily mean inactivity. It appears hacking group Outlaw, which has been silent for the past few months, was simply developing their toolkit for illicit income sources. While they have been quiet since our June… Continue reading Outlaw Updates Kit to Kill Older Miner Versions, Targets More Systems

This Week in Security News: ZDI Bug Hunters Rake in $1.5M in 2019 and Metamorfo Trojan Malware Campaign Targets Online Banking Users

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about Trend Micro Zero Day Initiative’s $1.5 million in awards and other noteworthy milestones in 2019. Also, learn about a crafty malware that makes you retype… Continue reading This Week in Security News: ZDI Bug Hunters Rake in $1.5M in 2019 and Metamorfo Trojan Malware Campaign Targets Online Banking Users