[TheRecord] Hackers tried to exploit two zero-days in Trend Micro’s Apex One EDR platform

Cyber-security firm Trend Micro said hackers tried to exploit two zero-day vulnerabilities in its Apex One EDR platform in an attempt to go after its customers in attacks that took place earlier this year.

While details about the attacks are currently being kept under wraps, patches for both issues were made available at the end of July.

Trend Micro said the two zero-days appear to have been used together in an exploit chain where the hackers uploaded malicious code on Apex One platforms and then elevated their access to gain control over the host system.

CVE-2021-36741: Arbitrary File Upload Vulnerability

CVE-2021-36742: Local Privilege Escalation Vulnerability

Trend Micro is now encouraging Apex One customers to update their systems to the latest versions. The security firm said the patches cover both Apex One versions: the on-premise solution and the cloud-hosted (SaaS) solution.

The two vulnerabilities mark the fifth and sixth zero-days in Trend Micro products exploited throughout 2020 and 2021. Previous zero-days include:

CVE-2019-18187 – disclosed in January 2020 and used by Chinese hackers to breach Mitsubishi Electric.

CVE-2020-8467 and CVE-2020-8468 – disclosed in March 2020.

CVE-2020-24557 – disclosed in April 2021.

Trend Micro did not previously share or disclose any details about how the zero-days were exploited, so there should be no expectation that the company would share further details about the recent ones.

The post Hackers tried to exploit two zero-days in Trend Micro’s Apex One EDR platform appeared first on The Record by Recorded Future.
