Category: Trend Micro Research, News and Perspectives

This article has been indexed from Trend Micro Research, News and Perspectives Researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from a security angle. The full…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Recently, we observed attempts to exploit the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — by malicious actors to deploy cryptocurrency miners. Read the…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Recently, we observed the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — being actively exploited by malicious actors to deploy cryptocurrency miners. Read the…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In our series wrap-up, we look into CVEs that affect critical manufacturing based on MITRE’s matrix. We also explore common ICS-affecting vulnerabilities identified in 2021. Read the original…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of and our investigation into a campaign that uses…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the sectors affected and their risk levels. Read the…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’ Read the original article: This Week in Security News – April 1, 2022

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In this blog series our team examined various ICS vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS. Read the original article: An In-Depth…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In this blog series our team examined various ICS vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS. Read the original article: An In-Depth…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives One of the recent trends we’ve observed is the rise of cloud-based cryptocurrency-mining groups that exploit cloud resources, specifically the CPU power of deployed cloud instances, to mine…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives A fundamental challenge of architecture built using tools like Terraform is configuration drift. Check out these actionable strategies and steps you can take to detect and mitigate Terraform…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives An investigation of cryptocurrency scams and schemes, and Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal Read the original article: This Week in Security News – March 25,…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We provide an overview of the diverse range of NFT- and cryptocurrency-related scams that malicious actors use to steal assets worldwide. Read the original article: An Investigation of…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Vulnerabilities in software and infrastructure are a fact of life for developers and SREs. But when you understand vulnerabilities, you can minimize their impact. Learn more about five…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Global Cyberattacks: Navigating New Frontiers: Trend Micro 2021 Annual Cybersecurity Report, and US Has ‘Significant’ Cyber Vulnerabilities, But A Sweeping Russian Cyberattack Is Unlikely Read the original article:…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives This report discusses the technical capabilities of this Cyclops Blink malware variant that targets ASUS routers and includes a list of more than 150 current and historical command-and-control…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Is your app server serving more stress than function? Explore this walkthrough for configuring and deploying a serverless API and discover the vast benefits of letting cloud services…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Trend Micro has released a technical report on how the electric utility industry can gain situational awareness across entire network. Read the original article: Utility Cybersecurity: Situational Awareness…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In March 2022, we came across evidence that another, relatively unknown, ransomware known as Nokoyawa is likely connected with Hive, as the two families share some striking similarities…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We analyze RURansom, a malware variant discovered to be targeting Russia. Originally suspected to be a ransomware because of its name, analysis reveals RURansom to be a wiper.…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Global Cyberattacks: How to manage risk in times of chaos, and Ukraine-Russia cyber warzone splits cyber underground Read the original article: This Week in Security News March 4,…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Alongside the physical conflict happening between Russia and Ukraine, there have also been an increasing number of alleged cyberattacks perpetrated by different groups. Our research teams have verified…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Discover 5 key security components to review and how to leverage a cloud native security platform with Mick McCluney (Trend Micro) and Kelly Griffin (AWS). Read the original…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Explore how secure infrastructure-as-code (IaC) enables security leaders to help DevOps teams quickly deliver more business value. Read the original article: Why IaC Security Should Matter to CISOs

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In part two of this blog entry, we further investigate the innings of smspva.net and discuss the impact and implications of such services. Read the original article: SMS…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Recent cyberattacks increasingly target open-source web servers, and US officials tell businesses to watch for potential ransomware attacks after Biden announces Russia sanctions Read the original article: This…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives As geopolitical tensions rise, so does pressure to enhance corporate cyber-resilience Read the original article: Ukraine Cyberattack 2022: Geopolitical Cybersecurity

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In this three-part blog entry, our team explored SMS PVA, a service built on top of a global bot network that compromises smartphone cybersecurity as we know it.…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives A Mac coinminer has been spotted using open-source components in its routine and the I2P Network to hide its traffic. We dive into old iterations of this malware,…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives SMS PVA services’ use of infected Android phones reveals flaws in SMS verification, and ‘Russian state-sponsored cyber actors’ cited in hacks of U.S. defense contractors Read the original…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Discover the six pillars of the Amazon Web Services (AWS) and Azure Well-Architected Framework, examining best practices and design principles to leverage the cloud in a more efficient,…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Certain SMS PVA services allow their customers to create disposable user profiles or register multiple accounts on many popular online platforms. These services can be abused by criminals…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Trend Micro Vision One™ integrates with Palo Alto Networks Cortex™ XSOAR to drive automated response to incidents uncovered by Vision One. Read the original article: Security Automation with…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Explore 3 cyber security trends and how to strategically mitigate future risks with Trend Micro’s Jon Clay, VP of threat intelligence and Ed Cabrera, chief cybersecurity officer. Read…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In this article we explore CNAPP, the latest industry acronym coined by Gartner, and why devs need to know about it. Read the original article: A Cloud Native…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Discover how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero. Read the original article: Cryptojacking Attacks Target Alibaba ECS Instances

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives How useful is the Codex code generator as a potential training tool? Read the original article: Codex Exposed: Helping Hackers in Training?

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Information on the latest Samba vulnerability and how to protect systems against the threats that can exploit it. Read the original article: The Samba Vulnerability: What is CVE-2021-44142…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read the…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In 2021, a team of researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The malware might have been designed to steal credentials associated with membership websites…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We investigated the most recent activities of APT36, also known as Earth Karkaddan, a politically motivated advanced persistent threat (APT) group, and discuss its use of CapraRAT, an…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection. Read the original article: Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices. Read the original article: Defending Users’ NAS Devices From Evolving Threats

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Microservices are growing in popularity—how can development teams embed seamless security into the entire pipeline? Fernando Cardoso, solutions architect at Trend Micro, breaks it down for you. Read…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We analyze the ransomware White Rabbit and bring into focus the familiar evasion tactics employed by this newcomer. Read the original article: New Ransomware Spotted: White Rabbit and…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Our technical brief provides an in-depth look at Earth Lusca’s activities, the tools it employs in attacks, and the infrastructure it uses. Read the original article: Earth Lusca…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In this two-part series, we look into various cybersecurity threats that affected industrial control systems endpoints. We also discuss several insights and recommendations to mitigate such threats. Read…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives A vulnerability found in 2021 has been patched and re-patched in the months since it was reported. We analyze the bug and outline the process that led to…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives This report is the fourth part of our LoRaWAN security series, and highlights an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. The…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives The Trend Micro™ Managed XDR team addressed a stealthy multilayered attack that progressed from an exploited endpoint vulnerability to the use of legitimate remote access tools including Remote…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives The first of a series of blog posts examines the security risks of Codex, a code generator powered by the GPT-3 engine. Read the original article: Codex Exposed:…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones. Read the…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We look back on the 5 most popular DevOps Resource Center articles in 2021 to help you build at your best in 2022. Read the original article: Top…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In this entry we look into how Log4j vulnerabilities affect devices or properties embedded in or used for connected cars, specifically chargers, in-vehicle infotainment systems, and digital remotes…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives With recent news of the critical, zero-day vulnerability Apache Log4Shell, we explore how to detect and protect your Apache HTTP servers. Read the original article: How to detect…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Trying to adopt DevSecOps culture? Or already in the thick of it? Trend Research explores the cybersecurity trends for 2022 to enhance your security strategy and get the…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We created a free assessment tool for scanning devices to know whether it is at risk for Log4Shell attacks. Read the original article: Are Endpoints at Risk for…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign. Read the original article: Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Trend Micro’s tracking of modern ransomware, as well as of older families, shows which attacks are gaining momentum and which families are particularly dangerous for enterprises and private…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Our long-term monitoring of the cyberespionage group Earth Centaur (aka Tropic Trooper) shows that the threat actors are equipped with new tools and techniques. The group seems to…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives By examining Purple Fox’s routines and activities, both with our initial research and the subject matter we cover in this blog post, we hope to help incident responders,…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Log4Shell., also known as CVE-2021-44228, was first reported privately to Apache on November 24 and was patched with version 2.15.0 of Log4j on December 9. It affects Apache…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these samples is that the files are code-signed. They also terminate various processes which are related…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure.…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In our study, we relied on the tactics, techniques, and procedures of MITRE ATT&CK to define the malware capabilities and characteristics of IoT Linux malware. We describe our…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Explore Trend Micro Research’s security insights and predictions for 2022 to enable more informed and proactive decision-making. Read the original article: Cybersecurity Trends for 2022

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In this entry, we discuss several of our predictions that security professionals and decision-makers should know about to help them make informed decisions on various security fronts in…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives This week, learn about how Squirrelwaffle utilized ProxyLogon and ProxyShell to hack email chains. Also, read on a recent data breach of the Los Angeles Planned Parenthood Network.…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Following our previous disclosure of compromised Docker hub accounts delivering cryptocurrency miners, we analyze these accounts and discover more malicious actions that you need to be aware of.…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Cloud misconfigurations can become opportunities for cyberattacks or lead to data breaches. Organizations must mitigate them before incurring significant and costly consequences. Read the original article: What You…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Welcome to your complete guide to AWS re:Invent 2021, where you will find tips on how to get the most out of your conference experience both in Las…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Explore this comprehensive guide to application security, which provides an overview of the importance of embedding runtime application security controls in the application build workflow to protect cloud-native…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how by investigating its exploit of Microsoft Exchange…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives This article will provide guidelines aimed at helping readers understand how to detect and prevent ransomware and limit its effect. Read the original article: A Guide to Ransomware:…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In this blog entry, we will take a look at the ProxyShell vulnerabilities that were being exploited in these events, and dive deeper into the notable post-exploitation routines…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives A total of 13 suspects believed to be members of two prolific cybercrime rings were arrested as a global coalition across five continents involving law enforcement and private…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives We looked at how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero. Read the original article: Groups Target Alibaba ECS Instances…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives QAKBOT operators resumed email spam operations towards the end of September after an almost three-month hiatus. QAKBOT detection has become a precursor to many critical and widespread ransomware…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives Using a new batch of campaign samples, we take a look at its more recent cybercrime contributions and compare them with its previous deployments to demonstrate the group’s…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives The past 18 months have presented new technology and challenges at an accelerated pace. The only way to keep up with a continuous demand for new features, running…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives In October 2021, we observed threat actors targeting poorly configured servers with exposed Docker REST APIs by spinning up containers from images that execute malicious scripts. Read the…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives November continues a recent pattern of relatively peaceful Patch Tuesday cycles. There were only six vulnerabilities rated as Critical this month, with 49 more rated as Important for…

Read more →

This article has been indexed from Trend Micro Research, News and Perspectives One of the most prolific cybermercenaries is Void Balaur, a Russian-speaking threat actor group that has launched attacks against different sectors and industries all over the world. Read…

Read more →