Monday, January 6, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

trend micro research : exploits & vulnerabilities

Security TrendMicro 

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

admin , ,

Credit to Author: Jagir Shastri| Date: Wed, 07 Feb 2024 00:00:00 +0000

In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution.

Read more
Security TrendMicro 

Unifying Cloud Security Beyond Siloes

admin , , , , , , ,

Credit to Author: Alifiya Sadikali| Date: Tue, 06 Feb 2024 00:00:00 +0000

Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the cloud—for more proactive risk management.

Read more
Security TrendMicro 

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

admin , , , ,

Credit to Author: Feike Hacquebord| Date: Wed, 31 Jan 2024 00:00:00 +0000

Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted.

Read more
Security TrendMicro 

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

admin , ,

Credit to Author: Peter Girnus| Date: Fri, 12 Jan 2024 00:00:00 +0000

This blog delves into the Phemedrone Stealer campaign’s exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware’s payload.

Read more
Security TrendMicro 

Opening Critical Infrastructure: The Current State of Open RAN Security

admin , , , ,

Credit to Author: Salim S.I.| Date: Fri, 01 Dec 2023 00:00:00 +0000

The Open Radio Access Network (ORAN) architecture provides standardized interfaces and protocols to previously closed systems. However, our research on ORAN demonstrates the potential threat posed by malicious xApps that are capable of compromising the entire Ran Intelligent Controller (RIC) subsystem.

Read more
Security TrendMicro 

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

admin , , ,

Credit to Author: Peter Girnus| Date: Mon, 20 Nov 2023 00:00:00 +0000

We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.

Read more