Trend Micro has patched five vulnerabilities in multiple products. The updates address two zero-days - one Critical risk vulnerability CVE-2020-8467 and another High risk vulnerability CVE-2020-8468 under active attack in the wild. In addition, the company also patched three other Critical vulnerabilities that require no authentication to exploit.
Trend Micro has revealed a rogue employee has stolen 120,000 consumer customer records from an internal customer service database.
Last week, a worm was used to spread via removable drives and install a fileless version of the BLADABINDI backdoor. BLADABINDI is notable as a remote access tool (RAT) used for multiple backdoor capabilities and used for keylogging and DDoS threats.
A proof-of-concept (POC) has been released for an exploit of a recently patched Microsoft Edge vulnerability.
Security researchers at Trend Micro have spotted a "more innovative" ransomware attack that uses Virobot, malware that possesses ransomware and botnet capabilities that affects users in the United States.
Attackers are exploiting IoT devices with open ADB port 5555 to spread malware.
Security experts at Trend Micro have observed an evolving cyberespionage campaign named Blackgear that abuses social media for command and control communications. Blackgear dates back to 2008 and previously targets mainly public sector agencies, telecom and high tech industries in Japan, South Korea and Taiwan.