11 matches found
Importance of Scanning Files on Uploader Applications
Delve into the crucial practice of file scanning within uploader applications, and learn defensive measures to safeguards against malicious threats like malware...
ClamAV Command Execution Vulnerability
ClamAV Clam AntiVirus is a free and open source antivirus program from the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. A command execution vulnerability exists in ClamAV versions prior to 1.3.0, which stems from insecure handling of filenames...
New Report: Unveiling the Threat of Malicious Browser Extensions
Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easil...
Threat Roundup for September 22 to September 29
Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Sept. 22 and Sept. 29. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
March 24, 2022 update - As Microsoft continues to track DEV-0537’s activities, tactics, and tools, were sharing new detection, hunting, and mitigation information to give you additional insights on remaining vigilant against these attacks. In recent weeks, Microsoft Security teams have been...
Clam AntiVirus Input Validation Error Vulnerability (CNVD-2022-64263)
Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats.Clam AntiVirus suffers from an input validation error vulnerability that can be exploited by attackers to implement denial of service attacks...
Malvertising: Online advertising's darker side
By Nick Biasini, Chris Neal and Matt Valites. Executive summary One of the trickiest challenges enterprises face is managing the balance between aggressively blocking malicious advertisements aka malvertising and allowing content to remain online, accessible for the average user. The days of...
Office VBA + AMSI: Parting the veil on malicious macros
As part of our continued efforts to tackle entire classes of threats, Office 365 client applications now integrate with Antimalware Scan Interface AMSI, enabling antivirus and other security solutions to scan macros and other scripts at runtime to check for malicious behavior. Macro-based threats...
Smart DNS Resolution for a Better Safer Internet
By Arlen Frew Top-level Domain TLD operators are focused on making the Internet a better and safer place, enabling name registrations, and maintaining the DNS namespace in support of their stakeholders. The entire Internet ecosystem, including TLDs, is always looking for ways to improve security...
As Cities Get Smarter, So Should Their Security
TrendMicro Today, more urban centers than ever are implementing a range of advanced technological systems. These sensors and networks used in combination with citizens' mobile devices create smarter cities capable of reduced pollution, increased safety, better engagement with residents and more...
White House Beefs Up Cyber Threat Response Action Plan
President Barack Obama signed a Cyber Incident Coordination policy directive on Tuesday that puts processes in place for how the government will respond to malicious or accidental threats to the nation’s public and private cyber infrastructure. The White House directive is designed to improve...