Headlines Archives - The World ePost

Headlines

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 9, 2017

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 9, 2017

Headlines
Elisa Lippincott (TippingPoint Global Product Marketing) Even though “Patch Tuesday” isn’t supposed to exist anymore, here I am blogging about it. As I looked at the October updates from Microsoft, the usual suspects were there. But this month was a little different. We usually see critical vulnerabilities on the browser side, but Microsoft Office is in the spotlight with CVE-2017-11826 under...Multimedia All Other Multimedia: TippingPoint-300x205_8.jpg (12.09 KB) Related Materials https://blog.trendmicro.com/tippingpoint-threat-intelligence-zero-day-coverage-week-october-9-2017/ Language:

Microsoft’s October Patch Tuesday Fixes 62 Vulnerabilities, including an Office Zero-Day

Headlines
Trend Micro Microsoft’s Patch Tuesday for October addresses 62 vulnerabilities, 27 of which are critical and 35 important in terms of severity; many of these flaws can lead to remote code execution (RCE). Microsoft’s fixes are patches for features in the Windows operating system (OS) and Microsoft Office (including Office Web Apps), Skype for Business, Edge, Internet Explorer (including the Chakra Core browser engine), Exchange Server, and .NET development framework, among others. As per Microsoft’s previous advisories, this month’s Patch Tuesday also marks the end of support and patches/updates for Office 2007 and Outlook 2007. Of note is Microsoft’s fix for CVE-2017-11826, a memory corruption vulnerability in Microsoft Office that
Cybersecurity in the Workplace is Everybody’s Business

Cybersecurity in the Workplace is Everybody’s Business

Headlines
William "Bill" Malik (CISA VP Infrastructure Strategies) What can individual users do to preserve cybersecurity at work? Your organization is spending on cybersecurity tools, you have an awareness program, and if you look you will find that there are standards and procedures for choosing and maintaining products to help keep information secure. But what can an individual do? Remember – you are...Multimedia All Other Multimedia: roundup-300x275_3.jpg (19.46 KB) Related Materials http://blog.trendmicro.com/cybersecurity-workplace-everybodys-business/ Language: E

WannaCry Ransomware Sold in the Middle Eastern and North African Underground

Headlines
Mayra Rosario Fuentes (Senior Threat Researcher) For $50, one could purportedly get a lifetime license to upgradeable variants of WannaCry. We saw this advertisement in an Arabic-speaking underground forum on May 14, two days after WannaCry’s outbreak. Indeed, a threat that left a trail of significant damage in its wake was objectified into a commodity, and even a starting point for others to launch their own cybercriminal businesses. WannaCry’s relatively low price also reflects another unique aspect of the Middle Eastern and North African underground: a sense of brotherhood. Unlike marketplaces in Russia and North America, for instance, where its players aim to make a profit, the Middle East and North Africa’s underground scene is
Bargains and brotherhood: The underground Digital Souks of the Middle East

Bargains and brotherhood: The underground Digital Souks of the Middle East

Headlines
Rik Ferguson (VP, Security Research) The release of our report “Digital Souks: A glimpse into the Middle Eastern and North African underground” marks the 12th in our Cybercriminal Underground Economy Series (CUES). Having previously published several papers covering the Japanese, French, German, North American, Chinese, Russian and Brazilian undergrounds this is the first report of its kind focusing on this...Multimedia All Other Multimedia: blog2-1-239x300_0.jpg (14.72 KB) Related Materials http://blog.trendmicro.com/bargains-and-brotherhood-the-underground-digital-souks-of-the-middle-east/ Language:

Dnsmasq: A Reality Check and Remediation Practices

Headlines
Federico Maggi (Senior Threat Researcher) Dnsmasq is the de-facto tool for meeting the DNS/DHCP requirements of small servers and embedded devices. Recently, Google Security researchers identified seven vulnerabilities that can allow a remote attacker to execute code on, leak information from, or crash a device running a Dnsmasq version earlier than 2.78, if configured with certain options. Post from: Trendlabs Security Intelligence Blog - by Trend Micro Dnsmasq: A Reality Check and Remediation Practices Related Materials http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/fznrWV21F9Q/ Language: English read more S
When Phishing Starts from the Inside

When Phishing Starts from the Inside

Headlines
Chris Taylor A growing concern of security professionals is internal phishing attacks – phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials...Multimedia All Other Multimedia: Phishing-is-one-of-the-greatest-and-most-time-consuming-challenge-security-professionals-face-today_459_40162483_0_14089749_500-300x225_1.jpg (5.27 KB) Related Materials http://blog.trendmicro.com/phishing-starts-inside/ ...

SYSCON Backdoor Uses FTP as a C&C Channel

Headlines
Trend Micro Cyber Safety Solutions Team Bots can use various methods to establish a line of communication between themselves and their command-and-control (C&C) server. Usually, these are done via HTTP or other TCP/IP connections. However, we recently encountered a botnet that uses a more unusual method: an FTP server that, in effect, acts as a C&C server. Post from: Trendlabs Security Intelligence Blog - by Trend Micro SYSCON Backdoor Uses FTP as a C&C Channel Related Materials http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Mw_aCJ0nNos/ Language: English read more Source: HEADLINES NEWS
Taking Healthcare Threat Protection to the Next Level with HITRUST

Taking Healthcare Threat Protection to the Next Level with HITRUST

Headlines
Mike Gibson Healthcare organizations (HCOs) worldwide continue to be on the receiving end of cyber-attacks. But if we work together we have both the tools and motivation to turn this around. That’s why Trend Micro has been a long-time partner and advocate of the great work HITRUST is doing to help improve baseline cybersecurity resilience and maturity...Multimedia All Other Multimedia: blog-239x300_2.jpg (12.5 KB) Related Materials http://blog.trendmicro.com/taking-healthcare-threat-protection-next-level-hitrust/ Language: English read more Source: HE
National Cyber Security Awareness Month for Organizations

National Cyber Security Awareness Month for Organizations

Headlines
Jon Clay The month of October 2017 is again the National Cyber Security Awareness Month (NCSAM) for individuals and organizations. This year’s theme is shared responsibility which is something we’ve been talking a lot about when it comes to public cloud support for many years. This year Trend Micro will be supporting NCSAM with a new blog...Multimedia All Other Multimedia: asset_cover-300x200_2.jpg (46.09 KB) Related Materials http://blog.trendmicro.com/national-cyber-security-awareness-month-organizations/ Language: English read more Source: HEADLINE
Show Buttons
Hide Buttons