This article has been indexed from Trend Micro Research, News and Perspectives Researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from a security angle. The full…
Category: Trend Micro Research, News and Perspectives
Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners
Recently, we observed attempts to exploit the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — by malicious actors to deploy cryptocurrency miners.
Spring4Shell Vulnerability CVE-2022-22965 Exploited to Deploy Cryptocurrency Miners
Recently, we observed the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — being actively exploited by malicious actors to deploy cryptocurrency miners.
An In-Depth Look at ICS Vulnerabilities Part 3
In our series wrap-up, we look into CVEs that affect critical manufacturing based on MITRE’s matrix. We also explore common ICS-affecting vulnerabilities identified in 2021.
Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of and our investigation into a campaign that uses…
An In-Depth Look at ICS Vulnerabilities Part 2
In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the sectors affected and their risk levels.
This Week in Security News – April 1, 2022
Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’
An In-Depth Look at ICS Vulnerabilities Part 1
In this blog series our team examined various ICS vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS.
Why Organizations Should Take Cloud-Based Cryptocurrency-Mining Attacks Seriously
One of the recent trends we’ve observed is the rise of cloud-based cryptocurrency-mining groups that exploit cloud resources, specifically the CPU power of deployed cloud instances, to mine…
Terraform Tutorial: Drift Detection Strategies
A fundamental challenge of architecture built using tools like Terraform is configuration drift. Check out these actionable strategies and steps you can take to detect and mitigate Terraform…
This Week in Security News – March 25, 2022
An investigation of cryptocurrency scams and schemes, and Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal
An Investigation of Cryptocurrency Scams and Schemes
We provide an overview of the diverse range of NFT- and cryptocurrency-related scams that malicious actors use to steal assets worldwide.
Mitigate Top 5 Common Cybersecurity Vulnerabilities
Vulnerabilities in software and infrastructure are a fact of life for developers and SREs. But when you understand vulnerabilities, you can minimize their impact. Learn more about five…
This Week in Security News – March 18, 2022
Global Cyberattacks: Navigating New Frontiers: Trend Micro 2021 Annual Cybersecurity Report, and US Has ‘Significant’ Cyber Vulnerabilities, But A Sweeping Russian Cyberattack Is Unlikely
Cyclops Blink Sets Sights on Asus Routers
This report discusses the technical capabilities of this Cyclops Blink malware variant that targets ASUS routers and includes a list of more than 150 current and historical command-and-control…
How to Build a Serverless API with Lambda and Node.js
Is your app server serving more stress than function? Explore this walkthrough for configuring and deploying a serverless API and discover the vast benefits of letting cloud services…
Utility Cybersecurity: Situational Awareness Cuts Risk
Trend Micro has released a technical report on how the electric utility industry can gain situational awareness across the entire network.
New Nokoyawa Ransomware Possibly Related to Hive
In March 2022, we came across evidence that another, relatively unknown, ransomware known as Nokoyawa is likely connected with Hive, as the two families share some striking similarities…
New RURansom Wiper Targets Russia
We analyze RURansom, a malware variant discovered to be targeting Russia. Originally suspected to be a ransomware because of its name, analysis reveals RURansom to be a wiper.…
This Week in Security News March 4, 2022
Global Cyberattacks: How to manage risk in times of chaos, and Ukraine-Russia cyber warzone splits cyber underground
Cyberattacks are Prominent in the Russia-Ukraine Conflict
Alongside the physical conflict happening between Russia and Ukraine, there have also been an increasing number of alleged cyberattacks perpetrated by different groups. Our research teams have verified…
5 Cloud Native Security Platform Must-haves
Discover 5 key security components to review and how to leverage a cloud native security platform with Mick McCluney (Trend Micro) and Kelly Griffin (AWS).
Why IaC Security Should Matter to CISOs
Explore how secure infrastructure-as-code (IaC) enables security leaders to help DevOps teams quickly deliver more business value.
SMS PVA Part 2: Underground Service for Cybercriminals
In part two of this blog entry, we further investigate the innings of smspva.net and discuss the impact and implications of such services.
This Week in Security News – February 25, 2022
Recent cyberattacks increasingly target open-source web servers, and US officials tell businesses to watch for potential ransomware attacks after Biden announces Russia sanctions
Ukraine Cyberattack 2022: Geopolitical Cybersecurity
As geopolitical tensions rise, so does pressure to enhance corporate cyber-resilience
SMS PVA Part 1: Underground Service for Cybercriminals
In this three-part blog entry, our team explored SMS PVA, a service built on top of a global bot network that compromises smartphone cybersecurity as we know it.…
Latest Mac Coinminer Utilizes Open-Source Binaries and the I2P Network
A Mac coinminer has been spotted using open-source components in its routine and the I2P Network to hide its traffic. We dive into old iterations of this malware,…
This Week in Security News – February 18, 2022
SMS PVA services’ use of infected Android phones reveals flaws in SMS verification, and ‘Russian state-sponsored cyber actors’ cited in hacks of U.S. defense contractors
A Guide to the Well-Architected Framework
Discover the six pillars of the Amazon Web Services (AWS) and Azure Well-Architected Framework, examining best practices and design principles to leverage the cloud in a more efficient,…
SMS PVA Services’ Use of Infected Android Phones Reveals Flaws in SMS Verification
Certain SMS PVA services allow their customers to create disposable user profiles or register multiple accounts on many popular online platforms. These services can be abused by criminals…
Security Automation with Vision One & Palo Alto
Trend Micro Vision One™ integrates with Palo Alto Networks Cortex™ XSOAR to drive automated response to incidents uncovered by Vision One.
3 cybersecurity trends & mitigation strategies for CISOs
Explore 3 cyber security trends and how to strategically mitigate future risks with Trend Micro’s Jon Clay, VP of threat intelligence and Ed Cabrera, chief cybersecurity officer.
A Cloud Native Application Protection Platform Guide
In this article we explore CNAPP, the latest industry acronym coined by Gartner, and why devs need to know about it.
Cryptojacking Attacks Target Alibaba ECS Instances
Discover how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero.
Codex Exposed: Helping Hackers in Training?
How useful is the Codex code generator as a potential training tool?
The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It
Information on the latest Samba vulnerability and how to protect systems against the threats that can exploit it.
This Week in Security News – January 28th, 2022
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read the…
Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems
In 2021, a team of researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from…
TianySpy Malware Uses Smishing Disguised as Message From Telco
Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The malware might have been designed to steal credentials associated with membership websites…
Investigating APT36 or Earth Karkaddan’s Attack Chain and Malware Arsenal
We investigated the most recent activities of APT36, also known as Earth Karkaddan, a politically motivated advanced persistent threat (APT) group, and discuss its use of CapraRAT, an…
Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware
We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection.
Defending Users’ NAS Devices From Evolving Threats
In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices.
Microservice Security: How to Proactively Protect Apps
Microservices are growing in popularity—how can development teams embed seamless security into the entire pipeline? Fernando Cardoso, solutions architect at Trend Micro, breaks it down for you.
New Ransomware Spotted: White Rabbit and Its Evasion Tactics
We analyze the ransomware White Rabbit and bring into focus the familiar evasion tactics employed by this newcomer.
Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques
Our technical brief provides an in-depth look at Earth Lusca’s activities, the tools it employs in attacks, and the infrastructure it uses.
Cybersecurity for Industrial Control Systems: Part 1
In this two-part series, we look into various cybersecurity threats that affected industrial control systems endpoints. We also discuss several insights and recommendations to mitigate such threats.
Analyzing an Old Bug and Discovering CVE-2021-30995
A vulnerability found in 2021 has been patched and re-patched in the months since it was reported. We analyze the bug and outline the process that led to…
LoRaWAN’s Protocol Stacks: The Forgotten Targets at Risk
This report is the fourth part of our LoRaWAN security series, and highlights an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. The…
Uncovering and Defending Systems Against Attacks With Layers of Remote Control
The Trend Micro™ Managed XDR team addressed a stealthy multilayered attack that progressed from an exploited endpoint vulnerability to the use of legitimate remote access tools including Remote…
Codex Exposed: Exploring the Capabilities and Risks of OpenAI’s Code Generator
The first of a series of blog posts examines the security risks of Codex, a code generator powered by the GPT-3 engine.
This Week in Security News – January 7th, 2022
This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones.
Workshop: Building Modern Applications with DevOps Security
In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to…
Top 5 DevOps Resource Center Articles of 2021
We look back on the 5 most popular DevOps Resource Center articles in 2021 to help you build at your best in 2022.
Examining Log4j Vulnerabilities in Connected Cars and Charging Stations
In this entry we look into how Log4j vulnerabilities affect devices or properties embedded in or used for connected cars, specifically chargers, in-vehicle infotainment systems, and digital remotes…
How to detect Apache HTTP Server Exploitation
With recent news of the critical, zero-day vulnerability Apache Log4Shell, we explore how to detect and protect your Apache HTTP servers.
2022 Cybersecurity Trends for DevSecOps
Trying to adopt DevSecOps culture? Or already in the thick of it? Trend Research explores the cybersecurity trends for 2022 to enhance your security strategy and get the…
Are Endpoints at Risk for Log4Shell Attacks?
We created a free assessment tool for scanning devices to know whether they are at risk for Log4Shell attacks.
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign.
Volatile and Adaptable: Tracking the Movements of Modern Ransomware
Trend Micro’s tracking of modern ransomware, as well as of older families, shows which attacks are gaining momentum and which families are particularly dangerous for enterprises and private…
Collecting In the Dark: Tropic Trooper Targets Transportation and Government
Our long-term monitoring of the cyberespionage group Earth Centaur (aka Tropic Trooper) shows that the threat actors are equipped with new tools and techniques. The group seems to…
A Look Into Purple Fox’s Server Infrastructure
By examining Purple Fox’s routines and activities, both with our initial research and the subject matter we cover in this blog post, we hope to help incident responders,…
Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited
Log4Shell, also known as CVE-2021-44228, was first reported privately to Apache on November 24 and was patched with version 2.15.0 of Log4j on December 9. It affects Apache…
New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes
We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these samples is that the files are code-signed. They also terminate various processes which are related…
This Week in Security News – December 10, 2021
This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure.…
The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs
In our study, we relied on the tactics, techniques, and procedures of MITRE ATT&CK to define the malware capabilities and characteristics of IoT Linux malware. We describe our…
Cybersecurity Trends for 2022
Explore Trend Micro Research’s security insights and predictions for 2022 to enable more informed and proactive decision-making.
Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022
In this entry, we discuss several of our predictions that security professionals and decision-makers should know about to help them make informed decisions on various security fronts in…
This Week in Security News – December 3, 2021
This week, learn about how Squirrelwaffle utilized ProxyLogon and ProxyShell to hack email chains. Also, read on a recent data breach of the Los Angeles Planned Parenthood Network.…
Analyzing How TeamTNT Used Compromised Docker Hub Accounts
Following our previous disclosure of compromised Docker hub accounts delivering cryptocurrency miners, we analyze these accounts and discover more malicious actions that you need to be aware of.…
What You Can Do to Mitigate Cloud Misconfigurations
Cloud misconfigurations can become opportunities for cyberattacks or lead to data breaches. Organizations must mitigate them before incurring significant and costly consequences.
AWS re:Invent 2021 Guide: Checklist & Key Sessions
Welcome to your complete guide to AWS re:Invent 2021, where you will find tips on how to get the most out of your conference experience both in Las…
A Complete Guide to Cloud-Native Application Security
Explore this comprehensive guide to application security, which provides an overview of the importance of embedding runtime application security controls in the application build workflow to protect cloud-native…
Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains
Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how by investigating its exploit of Microsoft Exchange…
A Guide to Ransomware: Prevention and Response
This article will provide guidelines aimed at helping readers understand how to detect and prevent ransomware and limit its effect.
Analyzing ProxyShell-related Incidents via Trend Micro Managed XDR
In this blog entry, we will take a look at the ProxyShell vulnerabilities that were being exploited in these events, and dive deeper into the notable post-exploitation routines…
Global Operations Lead to Arrests of Alleged Members of GandCrab/REvil and Cl0p Cartels
A total of 13 suspects believed to be members of two prolific cybercrime rings were arrested as a global coalition across five continents involving law enforcement and private…
Groups Target Alibaba ECS Instances for Cryptojacking
We looked at how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero.
QAKBOT Loader Returns With New Techniques and Tools
QAKBOT operators resumed email spam operations towards the end of September after an almost three-month hiatus. QAKBOT detection has become a precursor to many critical and widespread ransomware…
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
Using a new batch of campaign samples, we take a look at its more recent cybercrime contributions and compare them with its previous deployments to demonstrate the group’s…
Cybersecurity Trends from the Global Pandemic
The past 18 months have presented new technology and challenges at an accelerated pace. The only way to keep up with a continuous demand for new features, running…
Compromised Docker Hub Accounts Abused for Cryptomining Linked to TeamTNT
In October 2021, we observed threat actors targeting poorly configured servers with exposed Docker REST APIs by spinning up containers from images that execute malicious scripts.
November Continues Streak of Quiet Patch Tuesdays
November continues a recent pattern of relatively peaceful Patch Tuesday cycles. There were only six vulnerabilities rated as Critical this month, with 49 more rated as Important for…
Void Balaur and the Rise of the Cybermercenary Industry
One of the most prolific cybermercenaries is Void Balaur, a Russian-speaking threat actor group that has launched attacks against different sectors and industries all over the world.