Trend Micro tria Barcelona per obrir el seu 'hub' de ciberseguretat a Europa.

https://www.ara.cat/economia/tecnologia/trend-micro-tria-barcelona-obrir-hub-ciberseguretat-europa_1_5416664.html

#Barcelona #Trendmicro #ciberseguretat

Cyble: CERT-In Vulnerability Note Highlights Critical Security Risks in Ivanti, Trend Micro, Apache Kafka, and SAP Products https://cyble.com/blog/cert-in-vulnerability-note-critical-top-software/ #cybersecurity #infosec #Ivanti #Apache #TrendMicro #SAP

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations.

The two methods are referenced by the two CVE cve-2025-49217 - CVE-2025-49215

#vulnerability #cybersecurity #trendmicro

🔗 https://vulnerability.circl.lu/vuln/cve-2025-49216

🔗 https://vulnerability.circl.lu/vuln/cve-2025-49217

#TrendMicro fixes critical vulnerabilities in multiple products

https://www.bleepingcomputer.com/news/security/trend-micro-fixes-six-critical-flaws-on-apex-central-endpoint-encryption-policyserver/

#cybersecurity

Critical vulnerabilities in Trend Micro Apex Central & Endpoint Encryption require immediate patching. #TrendMicro #Cybersecurity #Vulnerability

More details: https://www.bleepingcomputer.com/news/security/trend-micro-fixes-six-critical-flaws-on-apex-central-endpoint-encryption-policyserver/ - https://www.flagthis.com/news/16699

Sicherheitsupdates: Löchriger Schutz von #TrendMicro gefährdet PCs | Security https://www.heise.de/news/Sicherheitsupdates-Loechriger-Schutz-von-Trend-Micro-gefaehrdet-PCs-10441455.html #Patchday

Trend Micro has just closed the door on critical flaws that could’ve let hackers run code in your security setup. Are you up to date with the latest patch fixes?

https://thedefendopsdiaries.com/trend-micro-addresses-critical-vulnerabilities-in-apex-central-and-endpoint-encryption-policyserver/

#trendmicro
#cybersecurity
#vulnerability
#patchmanagement
#remotecodeexecution

Security updates: Trend Micro's patchy protection puts PCs at risk

Among others, Apex Central and Worry-Free Business Security from Trend Micro are vulnerable under Windows.

https://www.heise.de/en/news/Security-updates-Trend-Micro-s-patchy-protection-puts-PCs-at-risk-10442610.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#IT #Patchday #Security #Sicherheitslücken #TrendMicro #Updates #news

Sicherheitsupdates: Löchriger Schutz von Trend Micro gefährdet PCs

Unter anderem Apex Central und Worry-Free Business Security von Trend Micro sind unter Windows verwundbar.

https://www.heise.de/news/Sicherheitsupdates-Loechriger-Schutz-von-Trend-Micro-gefaehrdet-PCs-10441455.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#IT #Patchday #Security #Sicherheitslücken #TrendMicro #Updates #news

Pwn2Own Berlin: Overall victory for Singapore, over a million total prize money

Organizers collected around thirty previously unknown zero-day vulnerabilities - and passed them to the manufacturers. A quarter of these concerned AI software.

https://www.heise.de/en/news/Pwn2Own-Berlin-Overall-victory-for-Singapore-over-a-million-total-prize-money-10388196.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Exploit #IT #Pwnown #Security #TrendMicro #news

Pwn2Own Berlin: Gesamtsieg geht an Singapur, über eine Million Gesamt-Preisgeld

An die dreißig zuvor unbekannte Zero-Day-Lücken haben die Veranstalter eingesammelt - und an die Hersteller weitergegeben. Ein Viertel davon betraf KI-Software.

https://www.heise.de/news/Pwn2Own-Berlin-Gesamtsieg-geht-an-Singapur-ueber-eine-Million-Gesamt-Preisgeld-10387932.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Exploit #IT #Pwnown #Security #TrendMicro #news

#TrendMicro discusses how the #BlackBasta and #Cactus #ransomware groups utilized the #BackConnect #malware to maintain persistent control and exfiltrate sensitive data from compromised machines. Learn more -> https://www.trendmicro.com/en_us/research/25/b/black-basta-cactus-ransomware-backconnect.html

@fdelapena #BancoPromerica no pinta mal.
https://reports.exodus-privacy.eu.org/en/reports/569962/
2 rastreadores y no requiere aceso a los contactos.
En la página de login solamente tienen el script de googlefonts:
https://webbkoll.5july.net/en/results?url=http%3A%2F%2Fbanca.grupopromerica.com%2FPCRC%2FPB%2Fpages%2Fadministration%2FpbLoginPage.aspx#requests
Sus servidores parecen estar en Costa Rica - traceroute tira esto como hop final: 201.196.26.145
inetnum: 201.196.26.0/23
status: reallocated
aut-num: N/A
owner: TRES RIOS
ownerid: CR-TRRI-LACNIC
responsible: Desarrollo de la red ICE
address: 100032, 1, 1
address: 1 - Oeste -
country: CR
person: Disenno y Transporte, ICE
e-mail: gspam@ice.go.cr
address: 10032-1000 San José, Costa Rica, 10032, San José
=========
Info adicional:
Lo de arriba es del dominio promerica.fi.cr

La página que se usa para loggearse al area de usuarios interno es:
banca.grupopromerica.com con el último hop en EEUU:
72.29.211.246

NetRange: 72.29.192.0 - 72.29.223.255
CIDR: 72.29.192.0/19
NetName: AIRBAND-BALTIMORE-01

Son estos:
https://www.connectbase.com/provider/airband-communications/

El correo de ellos va a través de un servidor de #trendmicro
"romericacr.in.tmes.trendmicro.com"
Es una empresa japonesa.

=========
Info adicional:
el correo de grupopromerica utiliza Microsoft como proveedor - entonces allí pierden puntos de confianza

grupopromerica-com.mail.protection.outlook.com.

Saben si hay que usar el app?
Qué experiencias han tenido con este banco?
Pura vida

#TrendMicro's Threat Hunting team found that Earth Preta (aka Mustang Panda) uses the Microsoft Application Virtualization Injector to inject payloads into waitfor.exe when a compet antivirus is present. #CyberSecurity #ThreatHunting #infosec https://www.trendmicro.com/en_us/research/25/b/earth-preta-mixes-legitimate-and-malicious-components-to-sidestep-detection.html

IDShield combines Trend Micro’s device-level security with a thorough identity and privacy monitoring system. Expert identity theft remediation assistance rounds out this service.

https://www.pcmag.com/reviews/idshield

#idshield #pcmag #trendmicro #securitysuite #identitytheft #security

For #Metaverse or for #Metaworse??? For richer or for poorer? Til #AI do us part? -#AppleVisionPro

In 2022, #TrendMicro
conducted extensive research to understand potential cyber threats to the #metaverse The release of Apple's #AppleVisionPro headset provided an opportunity to evaluate these predictions

Read here: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/metaverse-or-metaworse-how-the-apple-vision-pro-stacks-up-against-predictions

#infosec #security

Trend Micro Maximum Security provides licenses for many devices and comprehensive Android and iOS protection, but its core Windows security is weak.

https://www.pcmag.com/reviews/trend-micro-maximum-security

#antivirus #securitysuite #trendmicro #pcmag

Trend Micro Internet Security falls short of its Maximum Security sibling, and even shorter of competing security suites.

https://www.pcmag.com/reviews/trend-micro-internet-security

#antivirus #pcmag #securitysuite #trendmicro

Trend Micro Antivirus for Mac comes with numerous bonus features, including privacy and utility tools, but the testing labs no longer certify its core antivirus capabilities.

https://www.pcmag.com/reviews/trend-micro-antivirus-for-mac

#antivirus #macantivirus #trendmicro #pcmag #security

Trend Micro Antivirus+ Security goes beyond basic antivirus with plenty bonus features, but poor scores in both lab tests and our hands-on tests suggest its core antivirus needs some work.

https://www.pcmag.com/reviews/trend-micro-antivirus-plus-security

#antivirus #security #pcmag #trendmicro