2428 matches found
CVE-2017-11381
Summary: CVE-2017-11381 affects Trend Micro Deep Discovery Director 1.1. A command injection vulnerability exists in the backup/restore flow that can be exploited to restore accounts and ultimately gain code execution as root. The issue arises during the restore of textUI accounts: the process as...
CVE-2017-11379
Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1...
CVE-2017-11380
Backup archives were found to be encrypted with a static password across different installations, which suggests the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1...
CVE-2017-11380
The connected CORE advisory for Trend Micro Deep Discovery Director 1.1 details CVE-2017-11380 (backup archives encrypted with a static, hard-coded password) and CVE-2017-11381 (command injection during backup-restore accounts handling), enabling potential code execution with root privileges via ...
Trend Micro Deep Discovery Email Inspector kdump_setting Denial of Service Vulnerability
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within kdump_setting.php. The issue results from the lack of proper...
Troubleshooting Certificate and Connection Errors in Cloud Connect
Challenge: When adding a Service Provider on the tenant's Veeam Backup & Replication, either of the following errors occurs: Certificate validation failed. Unable to connect to the service provider. Certificate validation failed. Authentication failed because the remote party has closed the...
Trend Micro Deep Discovery Director vulnerability analysis-vulnerability warning-the black bar safety net
Vulnerability information. Type: improper handling of special elements in an OS command (CWE-78), use of hard-coded cryptographic keys (CWE-321), insufficient verification of data authenticity (CWE-345). Impact: code execution. Remote exploit: Yes. Local exploit: Yes. CVE name: CVE-pending-assignment-1,...
Google Changes How it Analyzes Misbehaving Mobile Apps
Mobile apps in the Google Play store are categorized by their purpose, i.e., productivity or games. But there is a science to how apps are arranged, in particular around security and privacy features, and especially in holding back those apps whose behaviors pose a risk to mobile users. Google on...
What Can The Dark Web Teach Us About Enterprise Security?
Ever since the law enforcement takedown of the Silk Road underground marketplace in 2013, there has been increasing interest in the depth and breadth of the Deep Web. This portion of the internet has been largely shrouded from the public eye, representing an environment in which hackers can...
Bringing Data Center Security to Cloud Speed
Last week, while visiting the product management team for Deep Security, I asked about their latest release. They surprised me by saying the big news is that there IS a release. Confused, I asked them to elaborate… You see, when you develop software, you’re faced with many choices, one of which i...
DEBIAN-CVE-2017-9766
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c...
Linux is secure…right?
“There are no threats for Linux servers. Aren’t they built to be secure?” “Linux servers are secure and hardened, why do we need additional security controls on those?” “I do understand there are threats out there but I am not aware of any major attacks on Linux servers” If you find yourself...
UBUNTU-CVE-2017-9616
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c...
How IOC Sharing Will Help Us Build a More Secure Healthcare Sector
At Trend Micro we work hard every day to reduce the risk posed by cyber attacks from hacktivists, transnational cybercriminals, and cyber espionage groups. Nowhere is this more pertinent than in the healthcare industry, where everything from data breaches to ransomware attacks impacting medical...
Open Sources Research Framework: OSRFramework
Open Sources Research Framework OSRFramework is a GNU AGPLv3+ set of libraries developed by i3visio to perform Open Source Intelligence tasks. They include references to a bunch of different applications related to username checking, DNS lookups, information leaks research, deep web search, regul...
Friday Squid Blogging: Squid as Prey
There's lots of video of squid as undersea predators. This is one of the few instances of squid as prey from a deep submersible in the Pacific: "We saw brittle stars capturing a squid from the water column while it was swimming. I didn't know that was possible. And then there was a tussle among t...
Decade Long Partnership = Global Partner Innovation Award
Here at Trend Micro we highly value the relationships we’ve built with our partners, especially those that have spanned several years. However, it’s particularly gratifying when those partners choose to recognize our work with an award. So, excuse us while we toot our own horns for a bit...
Trend Micro Deep Security has multiple vulnerabilities
Trend Micro Deep Security is server and application protection software that unifies security across virtual, cloud and traditional data center environments. Trend Micro Deep Security has multiple vulnerabilities. Vulnerabilities can be exploited by attackers to cause arbitrary file disclosure,...
Trend Micro Deep Security 6.5 XXE / Code Execution
The following advisory describes three (3) vulnerabilities found in Trend Micro Deep Security version 6.5. “The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical,...
Trend Micro Deep Security 6.5 - XML External Entity Injection Local Privilege Escalation Remote Code Execution
The following advisory describes three (3) vulnerabilities found in Trend Micro Deep Security version 6.5. “The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delive...