304 matches found
Ancient CVEs Can Cause You Problems
Ancient CVEs Can Cause You Problems By Kent Landfield · September 23, 2022 The Common Vulnerability and Exposures CVE Program was founded in 1999 for the purpose of giving individual cyber vulnerabilities an identifier that could be used as an interoperable means for identifying a specific...
15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects
As many as 350,000 open source projects are believed to be potentially vulnerable to exploitation as a result of a security flaw in a Python module that has remained unpatched for 15 years. The open source repositories span a number of industry verticals, such as software development, artificial...
Get to Know Anne An
Meet Anne An Senior Security Researcher By Trellix · August 25, 2022 This blog was written by Michael Alicea At Trellix, we celebrate and champion our people. I’ve been hearing a lot recently about one of my colleagues, Anne An. My sources tell me she is a highly technical and “intuitive”...
Get to Know Anne An
Meet Anne An Senior Security Researcher By Michael Alicea · August 25, 2022 At Trellix, we celebrate and champion our people. I’ve been hearing a lot recently about one of my colleagues, Anne An. My sources tell me she is a highly technical and “intuitive” researcher embedded on our frontlines as...
Demystifying Qbot Malware
Demystifying Qbot Malware By Adithya Chandra and Sushant Kumar Arya · August 24, 2022 Executive summary The Trellix SecOps Team has observed an uptick in the Qbot malware infections in recent months. Qbot has been an active threat for over 14 years and continues to evolve, adopting new infection...
Demystifying Qbot Malware
Demystifying Qbot Malware By Adithya Chandra · August 24, 2022 This blog was also written by Sushant Kumar Arya Executive summary The Trellix SecOps Team has observed an uptick in the Qbot malware infections in recent months. Qbot has been an active threat for over 14 years and continues to evolv...
Vulnerability fixed in DrayTek Vigor routers
Researchers from security firm Trellix have found a vulnerability found in DrayTek Vigor routers. A unauthenticated malicious person with network access to the management interface could exploit the vulnerability to execute arbitrary code. This allows the malicious party to gain control of the...
CVE-2022-2313 DLL high jacking in Trellix Agent
A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed...
Countering Follina Attack (CVE- 2022-30190) with Trellix Network Security Platform’s Advanced Detection Features
Countering Follina Attack CVE- 2022-30190 with Trellix Network Security Platform’s Advanced Detection Features By Trellix · July 19, 2022 This blog was also written by Chintan Shah Executive summary During the end of May 2022, independent security researcher reported a vulnerability assigned...
Countering Follina Attack (CVE- 2022-30190) with Trellix Network Security Platform’s Advanced Detection Features
Countering Follina Attack CVE- 2022-30190 with Trellix Network Security Platform’s Advanced Detection Features By Vinay Kumar and Chintan Shah · July 19, 2022 Executive summary During the end of May 2022, independent security researcher reported a vulnerability assigned CVE-2022-30190 in Microsof...
Countering Follina Attack (CVE- 2022-30190) with Trellix Intrusion Prevention System’s Advanced Detection Features
Countering Follina Attack CVE- 2022-30190 with Trellix Intrusion Prevention System's Advanced Detection Features By Trellix · July 19, 2022 This blog was also written by Chintan Shah Executive summary During the end of May 2022, independent security researchers reported a vulnerability assigned...
Get to Know Fred House
Meet Fred House Senior Director, Product Detection and Research By Michael Alicea · July 12, 2022 At Trellix, we celebrate and champion our people. For a long time now, I’ve been looking forward to connecting with Fred House, a Senior Director at Trellix Threat Labs and a consummate and “driven”...
Trellix Threat Labs Uncovers Critical Flaws in Widely Used Building Access Control System
Trellix Threat Labs Uncovers Critical Flaws in Widely Used Building Access Control System By Trellix · June 9, 2022 This story was also written by Steve Povolny and Sam Quinn. Today at the Hardwear.io Security Trainings and Conference, Trellix Threat Labs is sharing new research into...
Trellix Threat Labs Uncovers Critical Flaws in Widely Used Building Access Control System
Trellix Threat Labs Uncovers Critical Flaws in Widely Used Building Access Control System By Trellix · June 9, 2022 This story was also written by Steve Povolny and Sam Quinn. Today at the Hardwear.io Security Trainings and Conference, Trellix Threat Labs is sharing new research into...
Trellix Global Defenders: Follina — Microsoft Office Zero-Day (CVE-2022-30190)
Trellix Global Defenders: Follina — Microsoft Office Zero-Day CVE-2022-30190 By Taylor Mullins, Robin Noyce, Benjamin Marandel · June 3, 2022 Trellix is continuing to monitor the threat activity associated with the Microsoft Office Zero-Day vulnerability that has been dubbed “Follina.”...
Get to Know Patrick Flynn
Meet Patrick Flynn Head of Advanced Programs Group at Trellix Threat Labs By Michael Alicea · May 24, 2022 At Trellix, we celebrate and champion our people. This week, I sat down with Pat Flynn, Head of Advanced Programs Group for Trellix Threat Labs. His job is a critical one and how he goes abo...
Get to Know Patrick Flynn
Meet Patrick Flynn Head of Advanced Programs Group at Trellix Threat Labs By Trellix · May 24, 2022 This blog was written by Michael Alicea At Trellix, we celebrate and champion our people. This week, I sat down with Pat Flynn, Head of Advanced Programs Group for Trellix Threat Labs. His job is a...
Utilizing the Adaptive Defense Model Against Information Stealers
Trellix Global Defenders: Utilizing the Adaptive Defense Model Against Information Stealers By Taylor Mullins · May 23, 2022 Trellix is continuing to observe the continued growth in usage and general availability of Information Stealers that have the functionality to collect passwords, cookies,...
Utilizing the Adaptive Defense Model Against Information Stealers
Trellix Global Defenders: Utilizing the Adaptive Defense Model Against Information Stealers By Taylor Mullins · May 23, 2022 Trellix is continuing to observe the continued growth in usage and general availability of Information Stealers that have the functionality to collect passwords, cookies,...
Trellix: Sensitive Information Disclosure
Sensitive information, including Personally Identifiable Information PII data, was being disclosed through JEB 4.2.0.202106271614 licensed to a specific user. The vulnerability allowed unauthorized access to the information and could potentially lead to data breaches...