
RESEARCH
Trellix Advanced Research Center Patches 61,000 Vulnerable Open-Source Projects
January 23, 2023
Late last year, the Trellix Advanced Research Center team uncovered a vulnerability in Python’s tarfile module. As we dug in, we realized this was CVE-2007-4559 – a 15-year-old path traversal vulnerability with potential to allow an attacker to overwrite arbitrary files.
RECENT STORIES

When Pwning Cisco Persistence Is Key When Pwning Supply Chain Cisco Is Key
By Sam Quinn and Kasimir Schulz · February 1, 2023
The Trellix Advanced Research Center found two vulnerabilities in Cisco appliances: one that could allow attackers to gain persistent root access to the underlying system. These vulnerabilities were disclosed per Trellix's responsible disclosure process.

We Don’t Just Patch – We Hack
By Douglas McKee · February 1, 2023
Cisco edge devices (and yes, you should patch!). This is next in our series of research into edge devices, and we’ve found bugs affecting users at all levels – consumer, small business and now, enterprise.

The Bug Report — January 2023 Edition
By Jesse Chicks · February 1, 2023
January began with a headache on a Sunday morning and, if you happen to be on the receiving end of this month's remote code excitement, it ended with one, too.

Trellix’s Differentiated Position in the XDR Market - Highlighted in Industry Reports and Customer Reviews
By Daniel Ramos and Kathleen Trahan · January 30, 2023
Trellix is the only XDR vendor that meets all the criteria specific to the latest XDR front-end components reports published by Gartner.

GuLoader: The NSIS Vantage Point
By Nico Paulo Yturriaga · January 24, 2023
In this blog, we cover the multiple archive types used by threat actors to trick users into opening an email attachment. We also cover the progression of its distribution inside NSIS (Nullsoft Scriptable Install System) executable files by showing the obfuscation and string encryption updates through the year 2022.
RECENT NEWS
-
Feb 6, 2023
President Biden Names Bryan Palma to National Security Telecommunications Advisory Committee
-
Jan 17, 2023
Trellix Endpoint Scores 100% Detection with Zero False Positives in Latest SE Labs Endpoint Security Test
-
Dec 7, 2022
Trellix Predicts Heightened Hacktivism and Geopolitical Cyberattacks in 2023
-
Nov 30, 2022
Trellix Expedites Delivery of XDR with AWS
-
Nov 16, 2022
Ransomware Activity Doubles in Transportation and Shipping Industry
PROMOTIONS
Get the latest
We’re no strangers to cybersecurity. But we are a new company.
Stay up to date as we evolve.
Zero spam. Unsubscribe at any time.