25 October 2021
This feed was created by mixing existing feeds from various sources.
This Week in Security News – October 22, 2021
In this week in security news, learn about a new backdoor from PurpleFox that utilizes WebSockets for more secure communication the link between the Sinclair ransomware attack and the cybercrime group Evil Corp.
India Releases Cybersecurity Guidelines for Power Sector
A first in the sector, the latest scheme aims to enhance cybersecurity readiness and the overall efficiency of the country’s distribution companies.
Workshop: AWS S3 Bucket for Malware Scanning
In this workshop, you will learn how to scan your objects that are being uploaded to Amazon S3 buckets for malware and integrate into your custom workflows, by automating with your current resources, directly in your AWS environment.
Forced Entry: A Security Test for Automatic Garage Doors
In this blog entry we revisit threats to automatic garage doors by using SDR to test two attack scenarios. We demonstrate a rolling code attack and one that involves a hidden remote feature.
CISA Releases Automotive Cybersecurity Guide
The guide helps Transportation System Sector partners understand the cyber-physical risks related to AVs and discusses mitigation strategies they can implement.
PurpleFox Adds New Backdoor That Uses WebSockets
In September 2021, the Trend Micro Managed XDR (MDR) team looked into suspicious activity related to a PurpleFox operator. Our findings led us to investigate an updated PurpleFox arsenal, which included an added vulnerability (CVE-2021-1732) and optimized rootkit capabilities leveraged in their attacks.
Secure Public Web Apps Running on Azure
Discover how to meet your end of the shared responsibility model with simplified security integrations for Azure.
Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One
We look into campaigns that exploit the following server vulnerabilities: CVE-2021-26084, CVE-2020-14882, CVE-2020-14750, and CVE-2020-14883.
This Week in Security News – October 15, 2021
Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more.
Security Risks with Private 5G in Manufacturing Companies Part. 2
We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own telecom infrastructures....