Trend Micro Research : Exploits & Vulnerabilities

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Latest News, Trend Micro Research : Research /

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits 2025-10-15 at 23:22 By Trend™ Research has uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit deployment on unprotected devices, with impacts observed on Cisco 9400, 9300, and legacy 3750G series. This article is an excerpt from […]

React to this headline:

Loading spinner

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits Read More »

Trend Micro launches new integration with Zscaler to deliver real-time, Risk-Based Zero Trust Access

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Security Strategies /

Trend Micro launches new integration with Zscaler to deliver real-time, Risk-Based Zero Trust Access 2025-10-15 at 02:22 By Discover how Trend Vision One™ integrates with Zscaler to unify detection and access enforcement, accelerate threat containment, reduce dwell time, and deliver seamless Zero Trust protection for modern enterprises. This article is an excerpt from Trend Micro

React to this headline:

Loading spinner

Trend Micro launches new integration with Zscaler to deliver real-time, Risk-Based Zero Trust Access Read More »

How Your AI Chatbot Can Become a Backdoor

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Artificial Intelligence (AI), Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

How Your AI Chatbot Can Become a Backdoor 2025-10-08 at 17:54 By In this post of THE AI BREACH, learn how your Chatbot can become a backdoor. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

How Your AI Chatbot Can Become a Backdoor Read More »

What’s Your Cybersecurity Maturity?

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Data center, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Security Strategies /

What’s Your Cybersecurity Maturity? 2025-09-10 at 10:53 By This blog post looks at four key milestones along the cybersecurity maturity journey and poses some questions you can ask to determine the stage of your organization’s progress. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

What’s Your Cybersecurity Maturity? Read More »

Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Ransomware, Trend Micro Research : Research /

Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks 2025-08-14 at 11:38 By Crypto24 is a ransomware group that stealthily blends legitimate tools with custom malware, using advanced evasion techniques to bypass security and EDR technologies. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React

React to this headline:

Loading spinner

Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks Read More »

Proactive Security and Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771)

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

Proactive Security and Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771) 2025-07-22 at 02:18 By CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse. This article is an excerpt from Trend Micro Research, News and Perspectives View Original

React to this headline:

Loading spinner

Proactive Security and Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771) Read More »

NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk 2025-04-28 at 11:46 By Trend Research uncovered misconfigurations in NVIDIA Riva deployments, with two vulnerabilities, CVE-2025-23242 and CVE-2025-23243, contributing to their exposure. These security flaws could lead to unauthorized access, resource abuse, and potential misuse or theft of AI-powered inference services, including speech recognition

React to this headline:

Loading spinner

NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk Read More »

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Research /

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks 2025-04-10 at 12:16 By A previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk. This article is an excerpt from Trend Micro Research, News

React to this headline:

Loading spinner

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks Read More »

CTEM + CREM: Aligning Your Cybersecurity Strategy

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Compliance & Risks, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Expert Perspective, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network /

CTEM + CREM: Aligning Your Cybersecurity Strategy 2025-04-09 at 05:41 By Cyber threats evolve daily, and organizations need to move beyond traditional security approaches to stay ahead. That’s why Continuous Threat Exposure Management (CTEM), a concept introduced by Gartner, has been gaining traction. CTEM isn’t just another cybersecurity buzzword; it’s a structured, continuous program designed

React to this headline:

Loading spinner

CTEM + CREM: Aligning Your Cybersecurity Strategy Read More »

A Deep Dive into Water Gamayun’s Arsenal and Infrastructure

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

A Deep Dive into Water Gamayun’s Arsenal and Infrastructure 2025-03-28 at 17:54 By Trend Research discusses the delivery methods, custom payloads, and techniques used by Water Gamayun, the suspected Russian threat actor abusing a zero-day vulnerability in the Microsoft Management Console framework (CVE-2025-26633) to execute malicious code on infected machines. This article is an excerpt

React to this headline:

Loading spinner

A Deep Dive into Water Gamayun’s Arsenal and Infrastructure Read More »

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin 2025-03-25 at 17:18 By Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data. This article is an excerpt from Trend Micro Research, News and Perspectives View Original

React to this headline:

Loading spinner

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin Read More »

ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns 2025-03-21 at 07:21 By Trend Zero Day Initiative™ (ZDI) uncovered both state-sponsored and cybercriminal groups extensively exploiting ZDI-CAN-25373, a Windows .lnk file vulnerability that enables hidden command execution. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React

React to this headline:

Loading spinner

ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns Read More »

CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks 2025-02-04 at 11:10 By The ZDI team offers an analysis on how CVE-2025-0411, a zero-day vulnerability in 7-Zip, was actively exploited to target Ukrainian organizations in a SmokeLoader campaign involving homoglyph attacks. This article is an excerpt from Trend Micro Research, News and Perspectives View

React to this headline:

Loading spinner

CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks Read More »

Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR

Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research, Trend Micro Research : Risk Management /

Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR 2025-01-15 at 05:19 By This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR Read More »

What We Know About CVE-2024-49112 and CVE-2024-49113

Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

What We Know About CVE-2024-49112 and CVE-2024-49113 2025-01-04 at 09:48 By This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that IT and SOC professionals need to know to stay protected against possible exploitation. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to

React to this headline:

Loading spinner

What We Know About CVE-2024-49112 and CVE-2024-49113 Read More »

Link Trap: GenAI Prompt Injection Attack

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Artificial Intelligence (AI), Trend Micro Research : Cyber Threats, Trend Micro Research : Data center, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Security Strategies /

Link Trap: GenAI Prompt Injection Attack 2024-12-17 at 03:20 By Prompt injection exploits vulnerabilities in generative AI to manipulate its behavior, even without extensive permissions. This attack can expose sensitive data, making awareness and preventive measures essential. Learn how it works and how to stay protected. This article is an excerpt from Trend Micro Research,

React to this headline:

Loading spinner

Link Trap: GenAI Prompt Injection Attack Read More »

MITRE ATT&CK 2024 Results for Enterprise Security

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Ransomware, Trend Micro Research : Reports /

MITRE ATT&CK 2024 Results for Enterprise Security 2024-12-11 at 19:18 By Enterprise 2024 will incorporate multiple, smaller emulations for a more nuanced and targeted evaluation of defensive capabilities. We’re excited to offer two distinct adversary focus areas: Ransomware targeting Windows and Linux, and the Democratic People’s Republic of Korea’s targeting macOS. This article is an

React to this headline:

Loading spinner

MITRE ATT&CK 2024 Results for Enterprise Security Read More »

Delivering Proactive Protection Against Critical Threats to NVIDIA-powered AI Systems

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Artificial Intelligence (AI), Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Data center, Trend Micro Research : Exploits & Vulnerabilities /

Delivering Proactive Protection Against Critical Threats to NVIDIA-powered AI Systems 2024-09-27 at 18:16 By On Wednesday, NVIDA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk. This article is an excerpt from Trend Micro Research, News

React to this headline:

Loading spinner

Delivering Proactive Protection Against Critical Threats to NVIDIA-powered AI Systems Read More »

Vulnerabilities in Cellular Packet Cores Part IV: Authentication

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Research /

Vulnerabilities in Cellular Packet Cores Part IV: Authentication 2024-09-18 at 13:46 By Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network

React to this headline:

Loading spinner

Vulnerabilities in Cellular Packet Cores Part IV: Authentication Read More »

Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities 2024-09-12 at 12:46 By In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671. This article is an excerpt from Trend Micro Research, News and Perspectives View Original

React to this headline:

Loading spinner

Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities Read More »

Scroll to Top