Trend Micro addressed 2 DLL hijacking flaws in Trend Micro Password Manager that could allow malicious actors to escalate privileges and much more. “SafeBreach Labs discovered a new vulnerability in Trend Micro Password Manager software.” reads the security advisory published by Trend Micro.
Experts discovered several DLL hijacking flaws in Kaspersky Secure Connection, Trend Micro Maximum Security, and Autodesk Desktop Application. In the above solutions, privileged processes were attempting to load libraries that are not present at the expected location, allowing the attackers to place their own libraries and get them executed.
Early this year, researchers from Trend Micro discovered that the TeamTNT botnet was improved with the ability to steal Docker credentials. If the custom shared library exports a function with the same signature as one in the system libraries, the custom version will override it.
In February 2024, Trend Micro researchers observed the group targeting Asian countries, including Taiwan, Vietnam, and Malaysia. The APT employs DLL sideloading by packaging malicious libraries with vulnerable executables, enabling stealthy execution of payloads and evasion of detection.
Security researchers from Trend Micro continue to monitor the evolution of the XCSSET macOS malware; new variants are able to steal login information from multiple apps, including Telegram and Google Chrome, and send it to the C2. ” reads the analysis published by Trend Micro.
Microsoft has silently released two out-of-band security updates through the Windows Store app to address two vulnerabilities in the Windows Codecs Library. “A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory.
Security experts from Trend Micro have spotted a new strain of ransomware involved in attacks in July and August; the malicious code was posing as the Locky ransomware. ” reads the analysis published by Trend Micro. exe will drop malware components — several C++ and Python libraries and the Python 2.7 Pierluigi Paganini.
In July, Trend Micro reported that an APT group tracked as Void Banshee was spotted exploiting the Windows zero-day CVE-2024-38112 (CVSS score of 7.5). Trend Micro researchers discovered that the flaw was actively exploited in the wild in May. states Trend Micro.
The two RCE flaws in Windows, tracked as CVE-2020-1020 and CVE-2020-0938, are related to the Adobe Type Manager Library. In March, Microsoft warned of hackers exploiting the two zero-day remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library; both issues impact all supported versions of Windows.
“Attackers use the classic DLL sideloading technique: when the desktop.exe file is launched, the malicious VERSION.dll library is loaded into the corresponding process” reads the report published by Kaspersky. “This library is a backdoor packed with the VMProtect tool. It also bears similarities to PlugX.”
Trend Micro researchers discovered that the flaw was actively exploited in the wild in May and reported it to Microsoft, which addressed the zero-day with the July 2024 Patch Tuesday security updates. The archives are disseminated through cloud-sharing websites, Discord servers, online libraries, and other means.
Trend Micro researchers spotted the Chinese-speaking threat actor Earth Lusca using a new multiplatform backdoor called KTLVdoor. Attackers spread the backdoor as a dynamic library (DLL, SO); the malware allows attackers to fully control the compromised environment.
Another gang, the Night Sky ransomware operation, started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. trendmrcio[.]com,
But this month’s Patch Tuesday is overshadowed by the “Log4Shell” 0-day exploit in a popular Java library that web server administrators are now racing to find and patch amid widespread exploitation of the flaw. Log4Shell is the name picked for a critical flaw disclosed Dec.
” reads the analysis published by Trend Micro. ” Trend Micro became aware of the new backdoor after the group targeted a company in the Philippines using both common and custom malware and exploitation tools. One of the backdoors leverages the file hosting service Dropbox as command-and-control (C&C).
“LD_PRELOAD forces binaries to load specific libraries before others, allowing the preloaded libraries to override any function from any library. One of the ways to use LD_PRELOAD is to add the crafted library to /etc/ld.so.preload.” continues the analysis. Pro-Ocean deploys an XMRig miner 5.11.1
In March 2024, Trend Micro researchers uncovered a sophisticated campaign conducted by a threat actor tracked as Earth Krahang while investigating the activity of China-linked APT Earth Lusca. The Linux version of DinodasRAT uses Pidgin’s libqq qq_crypt library functions for encryption and decryption of data.
The campaign analyzed by Trend Micro used the exploit kits Fallout and Rig; its characteristic was the use of Google Drive to evade detection. ” reads the analysis published by Trend Micro. ” concludes Trend Micro. The service is offered at a price that ranged from US$75 per week to $200 per month.
Experts at Trend Micro uncovered a Magecart attack that hit at least 201 online stores which serve 176 colleges and universities in the U.S. “The attacker injected their skimming script into the shared JavaScript libraries used by online stores on the PrismWeb platform.” reads the analysis published by Trend Micro.
Libraries lead the way with Green Libraries Week. This year, Libraries Week went Green, with libraries from Jersey to John O’Groats hosting more than 280 environmental and sustainability activities,* from 2nd-8th October 2023.
Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. ” reads the report published by Trend Micro. exe to execute a malicious command.
Libraries and the fight against truth decay. Truth decay is the diminishing role of facts and analysis in public life; it is a phenomenon that erodes civil discourse, causes political paralysis, and leads to general uncertainty around what is and is not. A longer-form interview with Stijn appears in the May/June edition of IP magazine.
Early this year, researchers from Trend Micro discovered that the TeamTNT botnet was improved with the ability to steal Docker credentials. It also hides malicious processes using library injection and encrypts the malicious payload. Uses a library injection technique based on LD_PRELOAD to hide the malicious processes.
Malware attack took down 600 computers at Volusia County Public Library. Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. US-based children’s clothing maker Hanna Andersson discloses a data breach. Yomi Hunter Catches the CurveBall. Jeff Bezos phone was hacked by Saudi crown prince.
“While this is definitely more server-centric, remember that Windows clients can also run http.sys, so all affected versions are affected by this bug,” said Dustin Childs from Trend Micro’s Zero Day Initiative. “Test and deploy this patch quickly.” Quickly indeed.
Trend Micro researchers spotted a new strain of ransomware, dubbed DarkRadiation, which is written in Bash script and targets Linux distributions (Red Hat/CentOS and Debian) and Docker cloud containers. ” reads the analysis published by Trend Micro. CLI tool and library to obfuscate bash scripts.”
After the disclosure of the exploit, Microsoft researchers reported that nation-state actors from China, Iran, North Korea, and Turkey are now abusing the Log4Shell flaw (CVE-2021-44228) in the Log4J library in their campaigns. ” reads the analysis published by AdvIntel.
Trend Micro uncovered a new wave of attacks aimed at distributing the PlugX remote access trojan masquerading as an open-source Windows debugger tool called x32dbg. Researchers detailed a new wave of attacks distributing the PlugX RAT disguised as a legitimate Windows debugger tool.
The vulnerability was discovered by the researcher Lucas Leong of the Trend Micro Security Research team, who publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows. The root cause of the problem resides in the Windows core dynamic link library “msrd3x40.dll”.
CILIP welcomes publication of Sanderson Review of Public Libraries. CILIP has welcomed the publication of the findings of Baroness Sanderson of Welton’s Independent Review of Public Libraries, announced today at an event at the House of Lords attended by our CEO, Nick Poole.
Security experts at Trend Micro have discovered a new Monero cryptominer, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives. ” states Trend Micro. Trend Micro says that the majority of BlackSquid attacks have, so far, been detected in Thailand and the United States.
The network of compromised devices was discovered by Trend Micro, which shared details of its investigation at the Black Hat Asia 2023 conference in May. ” reads the analysis published by Trend Micro. The threat actors infected at least 8.9 million Android devices, most of them budget phones.
The operation sees the contribution of Trend Micro, law enforcement and CERTs from ASEAN countries, including Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand, and Vietnam. ” reported Trend Micro. ” reads the press release published by Interpol.
The messages use a weaponized rich text format (RTF) attachment that exploits the CVE-2012-0158 buffer overflow in Microsoft’s ListView / TreeView ActiveX controls in the MSCOMCTL.OCX library. ” continues the analysis.
The experts pointed out that most of the apps containing hard-coded Amazon Web Services were iOS apps (98%); this is a trend that the researchers have been tracking for years. 47% of these apps contained valid AWS tokens that granted complete access to all private files, including backups, and Amazon S3 buckets in the cloud.
The experts discovered that multiple services of the McAfee software try to load a library from the path C:\Windows\System32\wbem\wbemcomn.dll, which cannot be found because it is located in System32 and not in the System32\Wbem folder. An attacker can place a malicious DLL named wbemcomn.dll in the wbem folder and get it executed.
Cyber Threat Trends Dashboard. CVE-2020-7247 RCE flaw in OpenSMTPD library affects many BSD and Linux distros. Attacks on Citrix servers increase after the release of CVE-2019-19781 exploits. Fortinet removed hardcoded SSH keys and database backdoors from FortiSIEM. Magento 2.3.4 addresses three critical Code execution flaws.
Experts discovered DLL hijacking issues in Kaspersky and Trend Micro solutions. Two malicious Python libraries were stealing SSH and GPG keys. Website of gunmaker Smith & Wesson hit by a Magecart attack. Mozilla removed 4 Avast and AVG extensions for spying on Firefox users. Talos experts found a critical RCE in GoAhead Web Server.
PyLocky was first spotted by Trend Micro in July 2018; it is written in Python and it is packaged with the PyInstaller tool that is normally used to freeze Python programs into stand-alone executables. The encryption routines are implemented using the PyCrypto library and leverage the 3DES (Triple DES) cipher.
CX-Supervisor allows users to rapidly create human-machine interfaces (HMIs) for supervisory control and data acquisition (SCADA) systems thanks to the availability of a large number of predefined functions and libraries. The vulnerabilities were reported through Trend Micro’s Zero Day Initiative (ZDI).