Monday, November 25, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

trend micro research : exploits & vulnerabilities

Security TrendMicro 

How Underground Groups Use Stolen Identities and Deepfakes

admin , , ,

Credit to Author: Vladimir Kropotov| Date: Tue, 27 Sep 2022 00:00:00 +0000

The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email compromise (BEC) and identity verification bypassing to new levels.

Read more
Security TrendMicro 

Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

admin , , , , , ,

Credit to Author: Sunil Bharti| Date: Wed, 21 Sep 2022 00:00:00 +0000

Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining.

Read more
Security TrendMicro 

Security Risks in Logistics APIs Used by E-Commerce Platforms

admin , , , ,

Credit to Author: Ryan Flores| Date: Tue, 20 Sep 2022 00:00:00 +0000

Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially expose the consumers’ personal information. We discuss the security risks that such flaws present for software engineers, e-commerce platform providers, and consumers.

Read more
Security TrendMicro 

A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities

admin , , ,

Credit to Author: Sunil Bharti| Date: Wed, 14 Sep 2022 00:00:00 +0000

This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.

Read more
Security TrendMicro 

Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus

admin , , , ,

Credit to Author: Ryan Soliven| Date: Wed, 24 Aug 2022 00:00:00 +0000

We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware.

Read more
Security TrendMicro 

Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

admin , , , ,

Credit to Author: David Fiser| Date: Wed, 17 Aug 2022 00:00:00 +0000

While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows.

Read more
Security TrendMicro 

Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data

admin , , ,

Credit to Author: Joelson Soares| Date: Wed, 20 Jul 2022 00:00:00 +0000

We discovered the use of two Python penetration-testing tools, Impacket and Responder, that malicious actors used to compromise systems and exfiltrate data. We share our key findings in this report.

Read more