Tag: Trend Micro Research, News and Perspectives

Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses. This…

Read more →

Trend Micro’s investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to critical sectors in the UAE. This article has been indexed from Trend Micro Research,…

Read more →

A deep-dive into how AI-driven solutions from Trend Micro leveraging the NVIDIA AI Enterprise software platform are elevating security across critical industries This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Harnessing AI…

Read more →

This is the fourth blog post in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Rogue…

Read more →

Trend Micro MDR (Managed Detection and Response) team promptly mitigated a more_eggs infection. Using Vision One, MDR illustrated how Custom Filters/Models and Security Playbook can be used to automate the response to more_eggs and similar threats. This article has been…

Read more →

On Wednesday, NVIDA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk. This article has been indexed from Trend Micro Research,…

Read more →

Discover how to use the Cybersecurity Compass to foster effective conversations about cybersecurity strategy between non-technical and technical audiences, focusing on the phases of before, during, and after a breach. This article has been indexed from Trend Micro Research, News…

Read more →

Trend Micro tracked this group as Water Bakunawa, behind the RansomHub ransomware, employs various anti-EDR techniques to play a high-stakes game of hide and seek with security solutions. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China. This article has been indexed from Trend Micro Research, News and…

Read more →

Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base…

Read more →

In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671. This article has been indexed from Trend Micro Research, News and…

Read more →

In this blog entry, we discuss our analysis of Earth Preta’s enhancements in their attacks by introducing new tools, malware variants and strategies to their worm-based attacks and their time-sensitive spear-phishing campaign. This article has been indexed from Trend Micro…

Read more →

Our research reveals that an unidentified threat cluster we named TIDRONE have shown significant interest in military-related industry chains, particularly in the manufacturers of drones. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Read more →

Notorious Mekotio and BBTok are having a resurgence targeting Latin American users. Mekotio’s latest variant suggests the gang behind it is broadening their target, while BBTok is seen abusing MSBuild.exe to evade detection. This article has been indexed from Trend…

Read more →

While monitoring Earth Lusca, we discovered the threat group’s use of KTLVdoor, a highly obfuscated multiplatform backdoor, as part of a large-scale attack campaign. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

This is the second blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How AI…

Read more →

Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Silent Intrusions:…

Read more →

Threat actors are targeting users in the Middle East by distributing sophisticated malware disguised as the Palo Alto GlobalProtect tool. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Threat Actors Target the…

Read more →

A technical analysis on how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cryptojacking via…

Read more →

The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews seven key initial attack vectors and provides proactive security tips to help you reduce cyber risk across the attack surface. This article has…

Read more →

Using the Trend Micro Vision One platform, our MDR team was able to quickly identify and contain a Play ransomware intrusion attempt. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How Trend…

Read more →

This is the first blog in a series on Rogue AI. Later articles will include technical guidance, case studies and more. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Rogue AI is…

Read more →

Since late 2022, Earth Baku has broadened its scope from the Indo-Pacific region to Europe, the Middle East, and Africa. Their latest operations demonstrate sophisticated techniques, such as exploiting public-facing applications like IIS servers for initial access and deploying the…

Read more →

This article by Trend Micro CEO Eva Chen brings focus back to striking the cybersecurity strategies balance between business C-suite and information technology (IT) departments. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Read more →

Explore how the Cybersecurity Compass can guide various security professionals’ and stakeholders’ decision-making before, during, and after a breach. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cybersecurity Compass: An Integrated Cyber…

Read more →

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

The second edition of AI Pulse is all about AI regulation: what’s coming, why it matters, and what might happen without it. We look at Brazil’s hard não to Meta, how communities are pushing back against AI training data use,…

Read more →

Trend Micro research uncovers new cybercrime tools posing increased threats to security, highlighting the rapid evolution of AI-powered hacking services and their potential for mass exploitation This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

It’s clear that generative AI is a permanent addition to the enterprise IT toolbox. For CISOs, the pressure is on to roll out AI security policies and technologies that can mitigate very real and present risks. This article has been…

Read more →

Security awareness and measures to detect and prevent sophisticated risks associated with QR code-based phishing attacks (quishing) This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: QR Codes: Convenience or Cyberthreat?

Read more →

Intruders are drawn to enterprise IT environments the way mice are attracted to houses. And once either kind of invader is inside, they can be hard to get out. Network detection and response (NDR) lets you trace intruders’ pathways to…

Read more →

Trend Micro threat hunters discovered that the Play ransomware group has been deploying a new Linux variant that targets ESXi environments. Read our blog entry to know more. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

We check the OpenSSH vulnerabilities CVE-2024–6387 and CVE-2024-6409, examining their potential real-world impact and the possibility of exploitation for CVE-2024–6387 in x64 systems. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: The…

Read more →

Trend Micro partners with IBM to offer advanced threat detection and response for protecting critical infrastructures running on IBM Power servers This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Teaming up with…

Read more →

Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer using MSHTML. We promptly identified and reported this zero-day vulnerability to Microsoft, and it…

Read more →

In 2023, the cryptocurrency industry faced a significant increase in illicit activities, including money laundering, fraud, and ransomware attacks. Ransomware attacks were especially prevalent and profitable for attackers. However, other forms of criminal activity also saw a rise. This article…

Read more →

Cybersecurity teams are well-equipped to handle threats to technology assets that they manage. But with unmanaged devices providing ideal spots for attackers to lurk unseen, network detection and response capabilities have become vitally important. This article has been indexed from…

Read more →

Cybersecurity is a growing concern in today’s digital age, as more sensitive information is stored and transmitted online. With the rise of cryptocurrencies, there has also been a rise in crypto-crimes, which pose a significant threat to the security of…

Read more →

In this blog entry, we will discuss how the Jenkins Script Console can be weaponized by attackers for cryptomining activity if not configured properly. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we’ll provide an overview of the trojan and what it does. This article has been indexed from Trend Micro Research, News and Perspectives Read…

Read more →

We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Examining Water Sigbin’s Infection Routine…

Read more →

In this blog we uncover threat actors using the 2024 Olympics to lure victims into investing in an initial coin offering (ICO). Similar schemes have been found to use AI-generated images for their fake ICO websites. This article has been…

Read more →

To test the effectiveness of managed services like our Trend Micro managed detection and response offering, MITRE Engenuity™ combined the tools, techniques, and practices of two globally notorious bad actors: menuPass and ALPHV/BlackCat. This blog tells the story of why…

Read more →

The latest Omdia Vulnerability Report shows Trend MicroTM Zero Day InitiativeTM (ZDI) spearheaded 60% of 2023 disclosures, underscoring its role in cybersecurity threat prevention. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in 2023. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Worldwide 2023 Email Phishing…

Read more →

We recently discovered a new threat actor group that we dubbed Void Arachne. This group targets Chinese-speaking users with malicious Windows Installer (MSI) files in a recent campaign. These MSI files contain legitimate software installer files for AI software and…

Read more →

The latest MITRE Engenuity ATT&CK Evaluations pitted leading managed detection and response (MDR) services against threats modeled on the menuPass and BlackCat/AlphV adversary groups. Trend Micro achieved 100% detection across all 15 major attack steps with an 86% actionable rate…

Read more →

This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

We analyze a cryptojacking attack campaign exploiting exposed Docker remote API servers to deploy cryptocurrency miners, using Docker images from the open-source Commando project. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

In this blog entry, our researchers provide an analysis of TargetCompany ransomware’s Linux variant and how it targets VMware ESXi environments using new methods for payload delivery and execution. This article has been indexed from Trend Micro Research, News and…

Read more →

In its ninth year, the annual SANS Threat Hunting Survey delves into global organizational practices in threat hunting, shedding light on the challenges and adaptations in the landscape over the past year. This article has been indexed from Trend Micro…

Read more →

You may have EDR, but did you know you can add threat detection and response to improve a SecOps team’s efficiency and outcomes – read more. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

Discover Trend Micro’s integration of NVIDIA NIM to deliver an AI-driven cybersecurity solution for next-generation data centers. Engage with experts, explore demos, and learn strategies for securing AI data centers and optimizing cloud performance. This article has been indexed from…

Read more →

Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against.…

Read more →

Discover the latest innovations in cyber defense and Trend’s expert insights on AI, data security, and emerging threats This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: 2 Weeks Out: Evolution at RSAC…

Read more →

In the ever-evolving landscape of cybersecurity, staying ahead of malicious actors requires a multifaceted approach. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: ISPM & ITDR Synergize for AI-Based Identity Security

Read more →

This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun’s arsenal — operate, based on a campaign from 2024. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Deepfakes and AI-Driven Disinformation Threaten…

Read more →

This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm’s exploitation of EdgeRouters, complementing the FBI’s advisory from February 27, 2024. This article has been indexed from Trend Micro Research, News and Perspectives Read…

Read more →

In this blog entry, we discuss Trend Micro’s contributions to an Interpol-coordinated operation to help Brazilian and Spanish law enforcement agencies analyze malware samples of the Grandoreiro banking trojan. This article has been indexed from Trend Micro Research, News and…

Read more →

On April 18, 2024, the UK’s Metropolitan Police Service and others conducted an operation that succeeded in taking down the Phishing-as-a-Service provider LabHost. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: The…

Read more →

Learn how far cybersecurity has come from scattered resources to consolidation the future. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cybersecurity Decluttered: A Journey to Consolidation

Read more →

Our blog entry provides an in-depth analysis of Earth Hundun’s Waterbear and Deuterbear malware. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cyberespionage Group Earth Hundun’s Continuous Refinement of Waterbear and Deuterbear

Read more →

Our new article provides key highlights and takeaways from Operation Cronos’ disruption of LockBit’s operations, as well as telemetry details on how LockBit actors operated post-disruption. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we’ve discovered and dubbed UNAPIMON.…

Read more →

This blog entry discusses the Agenda ransomware group’s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Agenda Ransomware…

Read more →

On February 26, 2024, the National Institute of Standards and Technology (NIST) released the official 2.0 version of the Cyber Security Framework (CSF). This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: NIST…

Read more →

Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Jenkins Args4j CVE-2024-23897: Files Exposed, Code at…

Read more →

Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa. This article has been indexed from Trend Micro Research,…

Read more →

Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

Discover the fascinating world of AI, ML, and RPA and their real-world applications including the creation of a custom RPA bot for collecting rare sports memorabilia. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Multistage RA World Ransomware…

Read more →

Overworked CISOs are struggling to deliver the cybersecurity results their organizations expect. Fortunately, there are concrete and practical ways they can make their lives easier—while managing cyber risk effectively. This article has been indexed from Trend Micro Research, News and…

Read more →

This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry. This…

Read more →

During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulting in the undermining of its operations. This article has…

Read more →

Explore the first article in this series about AI, ML, and RPA, which aims to demystify and explore the full spectrum of these core technologies. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Read more →

In this blog entry, we focus on Earth Preta’s campaign that employed a variant of the DOPLUGS malware to target Asian countries. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Earth Preta…

Read more →

Discover how to strategically present security controls to the board to better manage cyber risk. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cyber Risk Management: Bring Security to the Boardroom

Read more →

The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero…

Read more →

This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

After a full year of life with ChatGPT cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks – learn what generative AI means for cybersecurity in 2024. This article has been indexed from…

Read more →

In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution. This article has been indexed from Trend Micro Research, News and…

Read more →

Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the cloud—for more proactive risk management. This article has been indexed from Trend Micro Research, News…

Read more →

Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted.…

Read more →

Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Prevent BEC with AI-Powered…

Read more →

In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware. This article has been indexed from…

Read more →

Explore why Trend Micro is recognized—for the 18th time—as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: 18X a Leader in…

Read more →

Here’s the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Reduce Business Email Compromise with…

Read more →

Explore how a risk-based cybersecurity approach is critical to proactively stop dynamic, ever-evolving threats. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Embracing a risk-based cybersecurity approach with ASRM

Read more →

This blog delves into the Phemedrone Stealer campaign’s exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware’s payload. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Accelerating into 2024 with NEOM McLaren Formula…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Build Cyber Resilience with Distributed Energy Systems

Read more →

Explore the results of a Sapio Research survey commissioned by Trend Micro about how CISOs and other technology leaders are overcoming today’s biggest challenges. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

In this blog entry, we discuss the technical details of CVE-2023-50164, a critical vulnerability that affects Apache Struts 2 and enables unauthorized path traversal. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

Today’s attack surface requires modern processes and security solutions. Explore the tenants of modern attack surface management (ASM) and what SecOps need to look for in an ASM solution. This article has been indexed from Trend Micro Research, News and…

Read more →

EU’s Cyber Resilience Act urges vendors to embrace security-by-design, establishing standards in global tech protocols. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How the EU Cyber Resilience Act Impacts Manufacturers

Read more →

This blog entry delves into MxDR’s unraveling of the AsyncRAT infection chain across multiple cases, shedding light on the misuse of aspnet_compiler.exe, a legitimate Microsoft process originally designed for precompiling ASP.NET web applications. This article has been indexed from Trend…

Read more →

Trend has been securing web access for over a decade with forward-looking innovation and a global footprint to support our customer’s security strategy. We are committed to our customers’ journey of transforming their current security posture, aligning with Zero Trust…

Read more →

Explore real use cases demonstrating the transformative impact of Trend Vision One™ – Forensics, an integrated Digital Forensics and Incident Response (DFIR) tool This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Integrated…

Read more →