Analyzing an Old Bug and Discovering CVE-2021-30995

Trend Micro – Trend Micro – On April 26, 2021 Apple patched CVE-2021-1740, which was a vulnerable function inside the system daemon process cfprefsd (these types of processes usually run…

Examining Log4j Vulnerabilities in Connected Cars and Charging Stations

Trend Micro – Trend Micro – Evidence of attacks using the Log4j vulnerability was also shown in a test that triggered a bug on a Tesla car. For this case,…

Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited

Trend Micro – Trend Micro – A vulnerability in Apache Log4j, a widely used logging package for Java has been found. The vulnerability, which can allow an attacker to execute…

Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify

Trend Micro – Trend Micro – Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify We looked into exploitation attempts we observed in the wild and the abuse of…

Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains

Trend Micro – Trend Micro – Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains Exploits & Vulnerabilities Squirrelwaffle is known for using the tactic of sending malicious spam as…

Analyzing ProxyShell-related Incidents via Trend Micro Managed XDR

Trend Micro – Trend Micro – Both servers are using Liferay CE version 6.2, which is vulnerable to CVE-2020-7961 (possibly leading to remote code execution). Incident # 2 Similar to…

Post-pandemic growth starts with understanding risk

Trend Micro – Trend Micro – IT and business leaders have rarely seen eye-to-eye on cybersecurity, but today the friction seems more pronounced than ever. New Trend Micro research found…

November Continues Streak of Quiet Patch Tuesdays

Trend Micro – Trend Micro – November continues a recent pattern of relatively peaceful Patch Tuesday cycles. There were only six vulnerabilities rated as Critical this month, with 49 more…

Discovering the Exploitable Security Gaps in Remote Work Spaces

Trend Micro – Trend Micro – Working and living areas are getting smarter every year as owners adopt new technology and continuously upgrade old devices to fit into modernized spaces.…

India Releases Cybersecurity Guidelines for Power Sector

Trend Micro – Trend Micro – The Indian Government’s Power Ministry and the Central Electricity Authority (CEA) recently released cybersecurity guidelines to enhance the power sector’s cybersecurity readiness. It is…