Spot the Difference: Earth Kasha’s New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella 2024-11-19 at 11:01 By LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. We have identified a new campaign connected to this group with significant updates […]
React to this headline:
Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices 2024-11-18 at 11:33 By In this blog entry, we discuss Water Barghest’s exploitation of IoT devices, transforming them into profitable assets through advanced automation and monetization techniques. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices Read More »
Trend Micro and Japanese Partners Reveal Hidden Connections Among SEO Malware Operations 2024-11-11 at 11:18 By Trend Micro researchers, in collaboration with Japanese authorities, analyzed links between SEO malware families used in SEO poisoning attacks that lead users to fake shopping sites. This article is an excerpt from Trend Micro Research, News and Perspectives View
React to this headline:
Trend Micro and Japanese Partners Reveal Hidden Connections Among SEO Malware Operations Read More »
Breaking Down Earth Estries’ Persistent TTPs in Prolonged Cyber Operations 2024-11-08 at 02:00 By Discover how Earth Estries employs a diverse set of tactics, techniques, and tools, including malware such as Zingdoor and Snappybee, for its campaigns. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this
React to this headline:
Breaking Down Earth Estries’ Persistent TTPs in Prolonged Cyber Operations Read More »
SOC Around the Clock: World Tour Survey Findings 2024-11-05 at 05:49 By Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what SOC teams had to say. This article is an excerpt from Trend Micro Research, News
React to this headline:
SOC Around the Clock: World Tour Survey Findings Read More »
AI Pulse: Election Deepfakes, Disasters, Scams & more 2024-10-31 at 22:02 By In the final weeks before November’s U.S. election, cybersecurity experts were calling October 2024 the “month of mischief”—a magnet for bad actors looking to disrupt the democratic process through AI-generated misinformation. This issue of AI Pulse looks at what can be done about
React to this headline:
AI Pulse: Election Deepfakes, Disasters, Scams & more Read More »
Attacker Abuses Victim Resources to Reap Rewards from Titan Network 2024-10-30 at 09:47 By In this blog entry, we discuss how an attacker took advantage of the Atlassian Confluence vulnerability CVE-2023-22527 to connect servers to the Titan Network for cryptomining purposes. This article is an excerpt from Trend Micro Research, News and Perspectives View Original
React to this headline:
Attacker Abuses Victim Resources to Reap Rewards from Titan Network Read More »
Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis 2024-10-24 at 12:33 By While cyberattacks that employ web shells and VPN compromise are not particularly novel, they are still prevalent. The recent incidents that Trend Micro MXDR analyzed highlight the importance of behavioral analysis and anomaly detection in security measures. This
React to this headline:
Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis Read More »
Unmasking Prometei: A Deep Dive Into Our MXDR Findings 2024-10-23 at 16:23 By How does Prometei insidiously operate in a compromised system? This Managed Extended Detection and Response investigation conducted with the help of Trend Vision One provides a comprehensive analysis of the inner workings of this botnet so users can stop the threat in
React to this headline:
Unmasking Prometei: A Deep Dive Into Our MXDR Findings Read More »
Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach 2024-10-22 at 12:47 By In this blog entry, we discuss how malicious actors are exploiting Docker remote API servers via gRPC/h2c to deploy the cryptominer SRBMiner to facilitate their mining of XRP on Docker hosts. This article is an excerpt from Trend Micro Research, News
React to this headline:
Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach Read More »
Attackers Target Exposed Docker Remote API Servers With perfctl Malware 2024-10-21 at 18:33 By We observed an unknown threat actor abusing exposed Docker remote API servers to deploy the perfctl malware. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Attackers Target Exposed Docker Remote API Servers With perfctl Malware Read More »
Gartner 2024 CNAPP Market Guide Insights for Leaders 2024-10-18 at 19:46 By As businesses increasingly pivot to cloud-native applications, the landscape of cybersecurity becomes ever more challenging. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Gartner 2024 CNAPP Market Guide Insights for Leaders Read More »
How to Mitigate the Impact of Rogue AI Risks 2024-10-17 at 23:34 By This is the latest blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
How to Mitigate the Impact of Rogue AI Risks Read More »
Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data 2024-10-16 at 14:35 By This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions. This article is an excerpt
React to this headline:
Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data Read More »
Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions 2024-10-15 at 11:02 By Trend Micro’s Threat Hunting Team discovered EDRSilencer, a red team tool that threat actors are attempting to abuse for its ability to block EDR traffic and conceal malicious activity. This article is an excerpt from Trend Micro Research, News and Perspectives
React to this headline:
Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions Read More »
Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware 2024-10-14 at 11:48 By Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past
React to this headline:
Earth Simnavaz Levies Advanced Cyberattacks Against UAE and Gulf Regions 2024-10-11 at 11:02 By Trend Micro’s investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to critical sectors in the UAE. This article is an excerpt from Trend Micro Research, News
React to this headline:
Earth Simnavaz Levies Advanced Cyberattacks Against UAE and Gulf Regions Read More »
Rogue AI: What the Security Community is Missing 2024-10-03 at 11:46 By This is the fourth blog post in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Rogue AI: What the Security Community is Missing Read More »
MDR in Action: Preventing The More_eggs Backdoor From Hatching 2024-09-30 at 18:16 By Trend Micro MDR (Managed Detection and Response) team promptly mitigated a more_eggs infection. Using Vision One, MDR illustrated how Custom Filters/Models and Security Playbook can be used to automate the response to more_eggs and similar threats. This article is an excerpt from
React to this headline:
MDR in Action: Preventing The More_eggs Backdoor From Hatching Read More »
Delivering Proactive Protection Against Critical Threats to NVIDIA-powered AI Systems 2024-09-27 at 18:16 By On Wednesday, NVIDA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk. This article is an excerpt from Trend Micro Research, News
React to this headline:
Delivering Proactive Protection Against Critical Threats to NVIDIA-powered AI Systems Read More »