Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how the cybersecurity skills gap is affecting organizations. Also, learn how a bipartisan bill is working to close the gap. Read on: What Hacker History Can… Continue reading This Week in Security News: Cybersecurity Skills Gap and Legislature
Month: March 2019
Emotet-Distributed Ransomware Loader for Nozelesn Found via Managed Detection and Response
By Erika Mendoza, Jay Yaneza, Gilbert Sison, Anjali Patil, Julie Cabuhat, and Joelson Soares Through our managed detection and response (MDR) monitoring, we discovered the modular Emotet malware distributing the Nymaim malware, which then loads the Nozelesn ransomware. We detected this particular Emotet variant in one of our monitored endpoints in the hospitality industry in… Continue reading Emotet-Distributed Ransomware Loader for Nozelesn Found via Managed Detection and Response
Desktop, Mobile Phishing Campaign Targets South Korean Websites, Steals Credentials Via Watering Hole
We discovered a phishing campaign that has compromised at least four South Korean websites – including a business page ranked as one of the most visited sites in the country – by injecting fake login forms to steal user credentials. While we’ve previously seen cybercriminals inject a malicious JavaScript code in the websites to load… Continue reading Desktop, Mobile Phishing Campaign Targets South Korean Websites, Steals Credentials Via Watering Hole
What Hacker History Can Tell Enterprises About Future Attack Strategy
There’s an oft-quoted saying: “History repeats itself.” For those that believe in the cyclical patterns that sometimes emerge over time, this aphorism definitely rings true. Today, we’ll be applying this type of thinking to the cybercrime realm. Over the course of hacker history, numerous trends have arisen, including those that hinge upon sophisticated approaches to… Continue reading What Hacker History Can Tell Enterprises About Future Attack Strategy
CVE-2019-0192: Mitigating Unsecure Deserialization in Apache Solr
By: Santosh Subramanya (Vulnerability Researcher) Security researcher Michael Stepankin reported a vulnerability found in the popular, open-source enterprise search platform Apache Solr: CVE-2019-0192. It’s a critical vulnerability related to deserialization of untrusted data. To have a better understanding of how the vulnerability works, we replicated how it could be exploited in a potential attack by… Continue reading CVE-2019-0192: Mitigating Unsecure Deserialization in Apache Solr
Use Safety and Precaution When Using USBs
Removable USB devices are basic instruments for storing and transferring files from one device to another. Although they’re convenient to use, they can also pose a potential threat to your devices—especially when used without prior caution. There are reported instances, where researchers weren’t initially able to pinpoint the origin of a malware attack but which later… Continue reading Use Safety and Precaution When Using USBs
This Week in Security News: Radio Frequency Technology and Telecom Crimes
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how radio frequency technology is putting industrial organizations at risk. Also, understand the threat landscape of telecommunications and how to prepare for future threats. Read on:… Continue reading This Week in Security News: Radio Frequency Technology and Telecom Crimes
Telecom Crimes Against the IoT and 5G
by: Trend Micro Research and Europol’s European Cybercrime Centre (EC3) Telecommunications or telecom technology is the underpinning of the modern internet, and consequently, the internet’s growing segment, the internet of things (IoT). Likewise, the global telecommunications network we enjoy today has been greatly influenced by the existence and growth of the internet. Between telecom and… Continue reading Telecom Crimes Against the IoT and 5G
Third Party Testing of Security is a Very Big Deal for Customers
User Reviews + Test Results Peer reviews are an important part of product selection. Everything I buy on Amazon and most other things I buy I check for reviews first. That’s the “do I like it” or the test-drive part of the selection. But the “how well does it work” part is lab testing. I’m… Continue reading Third Party Testing of Security is a Very Big Deal for Customers
How Radio Frequency Technology is Putting the Industrial Sector at Risk
Each industry has its own unique security risks. The banking and health care sectors, for example, deal with some considerably sensitive financial and client data, and therefore must put robust protections in place to ensure its safety. The industrial sector, however, is a bit different. For many years, security-conscious experts focused on other industries, but now… Continue reading How Radio Frequency Technology is Putting the Industrial Sector at Risk