Analyzing an Old Bug and Discovering CVE-2021-30995

Credit to Author: Mickey Jin| Date: Fri, 14 Jan 2022 00:00:00 +0000

A vulnerability found in 2021 has been patched and re-patched in the months since it was reported. We analyze the bug and outline the process that led to the discovery of CVE-2021-30995.

Read more

LoRaWAN’s Protocol Stacks: The Forgotten Targets at Risk

Credit to Author: Sébastien Dudek| Date: Tue, 11 Jan 2022 00:00:00 +0000

This report is the fourth part of our LoRaWAN security series, and highlights an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. The stack is the root of LoRaWAN implementation and security. We hope to help users secure it and make LoRaWAN communication resistant to critical bugs.

Read more

Uncovering and Defending Systems Against Attacks With Layers of Remote Control

Credit to Author: Abraham Camba| Date: Mon, 10 Jan 2022 00:00:00 +0000

The Trend Micro™ Managed XDR team addressed a stealthy multilayered attack that progressed from an exploited endpoint vulnerability to the use of legitimate remote access tools including Remote Desktop Protocol (RDP) as its final means of intrusion.

Read more

Organized Cybercrime Cases: What CISOs Need to Know

Credit to Author: Jon Clay| Date: Fri, 07 Jan 2022 00:00:00 +0000

Jon Clay, VP of Threat Intelligence at Trend Micro, explores the latest Trend Micro Research covering Access as a Service (AaaS), an emerging business model selling all-access passes to other malicious actors.

Read more

This Week in Security News – January 7, 2022

Credit to Author: Jon Clay| Date: Fri, 07 Jan 2022 00:00:00 +0000

This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones.

Read more

This Week in Security News – January 7th, 2022

Credit to Author: Jon Clay| Date: Fri, 07 Jan 2022 00:00:00 +0000

This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones.

Read more

Apache Log4j: Mitigation for DevOps

Credit to Author: Melanie Tafelski| Date: Wed, 05 Jan 2022 00:00:00 +0000

What can DevOps teams do to mitigate Apache Log4j risks? Explore how to secure your apps for today and against future vulnerabilities.

Read more