Zero-Day Vulnerability Findings, Mobile Phishing Scams
Learn how music festival goers need to be on guard for phishing attacks when trying to find a lost iPhone and how Trend Micro researchers went public with their findings on a zero-day vulnerability impacting the Android mobile operating system.
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how music festival goers need to be on guard for phishing attacks when trying to find a lost iPhone. Also, read how Trend Micro researchers went public with their findings on a zero-day vulnerability impacting the Android mobile operating system.
New research published reveals that many of the home routers sold in the US today are still missing basic protections. Read on to learn about how your router is exposed to hackers, what attacks are possible and how to protect your router and smart home with Trend Micro’s help.
Jenkins, a widely used open-source automation server that allows DevOps developers to build, test, and deploy software efficiently and reliably, recently published security advisories that included problems associated with plain-text-stored credentials. Vulnerabilities that affect Jenkins plugins can be exploited to siphon off sensitive user credentials.
Facebook, Google, Twitter and Microsoft met with government officials in Silicon Valley on Wednesday to discuss and coordinate on how best to help secure the 2020 American election, kicking off what is likely to be a marathon effort to prevent the kind of foreign interference that roiled the 2016 election.
Trend Micro recently caught a malvertising attack distributing the malware Glupteba, an older malware that was previously connected to a campaign named Operation Windigo and distributed through exploit kits to Windows users. This blog discusses features of this malware and security recommendations to avoid this kind of attack.
A Trend Micro honeypot detected a spam campaign that uses compromised devices to attack vulnerable web servers. After brute-forcing devices with weak access credentials, the attackers use them as proxies to forward a base64-encoded PHP script to web servers, which then sends an email with an embedded link to a scam site to specific email addresses.
Container security presents a hot growth opportunity for the channel, with the global market expected to more than quadruple by 2024, reaching nearly $2.2 billion. North America is expected to account for the highest market share through 2024.
Of the hundreds who had their cellphones stolen or lost during the Lollapalooza music festival, one woman’s attempt to find her iPhone led her to a phishing scheme that stole her credentials. Like a regular phishing scheme, she received a seemingly legitimate text message with a link to what looked like the Find My iPhone webpage, but realized they were fake after she entered her credentials.
Two notable ransomware attacks targeted several hospitals in Taiwan and a contracting company in Dubai last week. The ransomware attack in Taiwan prevented several hospitals from accessing their information systems, while the attack in Dubai froze a company's systems.
Trend Micro is taking new steps to help enterprises using Amazon Web Services to better deliver network security for cloud and hybrid operations. IDN looks at Trend Micro Cloud Network Protection, along with the firm's new XDR solution.
A recently discovered email scheme reportedly deployed by a hacking group called ChaosCC claims to have hijacked recipients’ computers and recorded videos of them while watching adult content. This sextortion scheme reportedly attempts to trick recipients into paying US$700 in bitcoin.
This fraud incident used a deepfake audio, an artificial intelligence (AI)-generated audio, and was reported to have conned US$243,000 from a U.K.-based energy company. According to a report, in March, the fraudsters used a voice-generating AI software to mimic the voice of the chief executive of the company’s Germany-based parent company to facilitate an illegal fund transfer.
Yesterday, Trend Micro researchers went public with their findings on a zero-day vulnerability impacting the Android mobile operating system after Google published the September 2019 Android Security Bulletin, which didn't include a fix for their bug. The vulnerability resides in how the Video for Linux (V4L2) driver that's included with the Android OS handles input data.
Containers optimize the developer experience. However, as with any technology, there can be tradeoffs in using containers. This blog contains sex steps developers can follow to minimize risks when building in containers.
Are you well-versed on Trend’s suggestions for protecting your router and smart home from hackers? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.