Monthly Archives: November 2016

Hybrid cloud security: it’s your responsibility!

schermafbeelding-2016-11-29-om-09-42-24The last few years, whenever VMware holds its annual user event VMworld, the concept of hybrid cloud is discussed at length. The topic is still the same but the questions have gradually shifted, from ‘how do I prepare for the hybrid cloud when it arrives?’ to ‘the hybrid cloud is already here. How do I deal with it?’. Continue reading

See what our customers and partners say about Trend Micro [video]

vmworld-2016One of the great things of being present at alliance events, is meeting a lot of your customers and partners! It’s an opportunity to catch up and find out more about their experience with the Trend Micro products. At VMworld Europe last month this was exactly what we did, and we did some short video interviews to share with you. Continue reading

Pawn Storm Ramps Up Spear-phishing Before Zero-Days Get Patched

by Feike Hacquebord, Senior Threat Researcher

The effectiveness of a zero-day quickly deteriorates as an attack tool after it gets discovered and patched by the affected software vendors. Within the time between the discovery of the vulnerability and the release of the fix, a bad actor might try to get the most out of his previously valuable attack assets. This is exactly what we saw in late October and early November 2016, when the espionage group Pawn Storm (also known as Fancy Bear, APT28, Sofacy, and STRONTIUM) ramped up its spear-phishing campaigns against various governments and embassies around the world.  In these campaigns, Pawn Storm used a previously unknown zero-day in Adobe’s Flash (CVE-2016-7855, fixed on October 26, 2016 with an emergency update) in combination with a privilege escalation in Microsoft’s Windows Operating System (CVE-2016-7255) that was fixed on November 8, 2016. Continue reading