Martijn Lammerts
My own digital place with a little of everything

The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard

In many instances, researchers and engineers have found ways to hack into modern, internet-capable cars, as has been documented and reported several times. One famous example is the Chrysler Jeep hack that researchers Charlie Miller and Chris Valasek discovered. This hack and those that have come before it have mostly been reliant on specific vulnerabilities in specific makes and/or brands of cars. And once reported, these vulnerabilities were quickly resolved. But what should the security industry’s response be when a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral?

Post from: Trendlabs Security Intelligence Blog - by Trend Micro


CVE-2017-0199: New Malware Abuses PowerPoint Slide Show

CVE-2017-0199 was originally a zero-day remote code execution vulnerability that allowed attackers to exploit a flaw that exists in the Windows Object Linking and Embedding (OLE) interface of Microsoft Office to deliver malware. It is commonly exploited via the use of malicious Rich Text File (RTF) documents, a method used by the DRIDEX banking trojan discovered earlier this yea

Post from: Trendlabs Security Intelligence Blog - by Trend Micro


Can Online Dating Apps be Used to Target Your Company?

People are increasingly taking to online dating to find relationships—but can they be used to attack a business? The kind (and amount) of information divulged—about the users themselves, the places they work, visit or live—are not only useful for people looking for a date, but also to attackers who leverage this information to gain a foothold into your organization.

To bear out the risks, we delved into various online dating networks, which initially included Tinder, Plenty of Fish, Jdate, OKCupid, Grindr, Coffee meets Bagel, and LoveStruck.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro


Critical Windows Search and Hyper-V Vulnerabilities Tackled by August’s Patch Tuesday

Microsoft has released their monthly security bulletin with 48 security patches—25 of which are labeled Critical, 21 are Important, and two are Moderate in severity. This was a standard batch of updates, addressing issues in Internet Explorer, Microsoft Edge, Windows, Microsoft SharePoint, Adobe Flash Player and Microsoft SQL Server.

A majority of the critical CVEs are Scripting Engine Memory Corruption Vulnerabilities, which is not surprising. Since April of this year, we’ve been seeing a steady increase in vulnerabilities for the Scripting Engine. Typically, in a web-based attack scenario, an attacker would leverage Scripting Engine vulnerabilities to create a malicious website and then maneuver users to visit the site. This current batch of critical vulnerabilities could result in remote code execution if exploited successfully.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro


OnionDog is not a Targeted Attack—It’s a Cyber Drill

In this blog post, we will look into smaller scale attacks in which an actor group allegedly attacked high profile targets working in the energy and transportation sector of South Korea for more than three years in a row. These attacks, which are known as OnionDog, received some publicity in the media. A perfunctory look into these actors' activities might easily lead to hasty conclusions on attribution. We had a more thorough look, in which we reached an interesting conclusion: OnionDog is not a targeted attack. OnionDog is a cyber drill.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro


How Chat App Discord Is Abused by Cybercriminals to Attack ROBLOX Players

Cybercriminals targeting gamers are nothing new. We’ve reported many similar incidents in the past, from fake game apps to real-money laundering through online game currencies. Usually the aim is simple: to steal personal information and monetize it. And usually, for that purpose the game itself is abused.

In the particular scenario we are describing in this blog post, however, it is not the game that is being abused by the cybercriminals, but rather one of the communication tools used by the game players. We’re referring to Discord, a new-generation chat platform that gamers frequently use, with a user base of more than 45 million registered members.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro


Vulnerability in F2FS File System Leads To Memory Corruption on Android, Linux

August’s Android Security Bulletin includes three file system vulnerabilities (CVE-2017-10663, CVE-2017-10662, and CVE-2017-0750) that were discovered by Trend Micro researchers. These vulnerabilities could cause memory corruption on the affected devices, leading to code execution in the kernel context. This would allow for more data to be accessed and controlled by the malware. A malicious app could be used to trigger this vulnerability, which occurs when a malicious disk using the F2FS (Flash-Friendly File System) is mounted. The disk can either be an actual physical device or a virtual file image.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro
