Trend Micro Research : Exploits & Vulnerabilities

Omdia Report: Trend Disclosed 60% of Vulnerabilities

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Reports /

Omdia Report: Trend Disclosed 60% of Vulnerabilities 2024-06-25 at 15:16 By The latest Omdia Vulnerability Report shows Trend MicroTM Zero Day InitiativeTM (ZDI) spearheaded 60% of 2023 disclosures, underscoring its role in cybersecurity threat prevention. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Omdia Report: Trend Disclosed 60% of Vulnerabilities Read More »

Not Just Another 100% Score: MITRE ENGENIUTY ATT&CK

Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities /

Not Just Another 100% Score: MITRE ENGENIUTY ATT&CK 2024-06-18 at 19:32 By The latest MITRE Engenuity ATT&CK Evaluations pitted leading managed detection and response (MDR) services against threats modeled on the menuPass and BlackCat/AlphV adversary groups. Trend Micro achieved 100% detection across all 15 major attack steps with an 86% actionable rate for those steps—

React to this headline:

Loading spinner

Not Just Another 100% Score: MITRE ENGENIUTY ATT&CK Read More »

Decoding Water Sigbin’s Latest Obfuscation Tricks

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Reports, Trend Micro Research : Research /

Decoding Water Sigbin’s Latest Obfuscation Tricks 2024-05-30 at 08:09 By Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against. This article is an excerpt

React to this headline:

Loading spinner

Decoding Water Sigbin’s Latest Obfuscation Tricks Read More »

Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk 2024-03-19 at 10:04 By Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk Read More »

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Ransomware /

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities 2024-02-27 at 10:18 By This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry. This

React to this headline:

Loading spinner

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities Read More »

SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Expert Perspective, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes 2024-02-13 at 22:16 By This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes Read More »

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day 2024-02-13 at 22:16 By The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day

React to this headline:

Loading spinner

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day Read More »

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks 2024-02-07 at 11:33 By In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution. This article is an excerpt from Trend Micro Research, News

React to this headline:

Loading spinner

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks Read More »

Unifying Cloud Security Beyond Siloes

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Data center, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Security Strategies /

Unifying Cloud Security Beyond Siloes 2024-02-06 at 20:32 By Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the cloud—for more proactive risk management. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React

React to this headline:

Loading spinner

Unifying Cloud Security Beyond Siloes Read More »

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Phishing, Trend Micro Research : Research /

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets 2024-01-31 at 10:02 By Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted. This

React to this headline:

Loading spinner

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets Read More »

18X a Leader in Gartner Magic Quadrant for EPP

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Reports /

18X a Leader in Gartner Magic Quadrant for EPP 2024-01-23 at 01:17 By Explore why Trend Micro is recognized—for the 18th time—as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

18X a Leader in Gartner Magic Quadrant for EPP Read More »

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign 2024-01-12 at 09:46 By This blog delves into the Phemedrone Stealer campaign’s exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware’s payload. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React

React to this headline:

Loading spinner

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign Read More »

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit

Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Latest News, Trend Micro Research : Research /

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit 15/12/2023 at 10:50 By In this blog entry, we discuss the technical details of CVE-2023-50164, a critical vulnerability that affects Apache Struts 2 and enables unauthorized path traversal. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this

React to this headline:

Loading spinner

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit Read More »

Opening Critical Infrastructure: The Current State of Open RAN Security

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : ICS OT, Trend Micro Research : Research /

Opening Critical Infrastructure: The Current State of Open RAN Security 01/12/2023 at 11:17 By The Open Radio Access Network (ORAN) architecture provides standardized interfaces and protocols to previously closed systems. However, our research on ORAN demonstrates the potential threat posed by malicious xApps that are capable of compromising the entire Ran Intelligent Controller (RIC) subsystem.

React to this headline:

Loading spinner

Opening Critical Infrastructure: The Current State of Open RAN Security Read More »

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Research /

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits 20/11/2023 at 12:17 By We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner. This article is an excerpt from Trend Micro Research, News and Perspectives

React to this headline:

Loading spinner

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits Read More »

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Ransomware, Trend Micro Research : Research /

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518 10/11/2023 at 13:18 By We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518 Read More »

Beware: Lumma Stealer Distributed via Discord CDN

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Research /

Beware: Lumma Stealer Distributed via Discord CDN 16/10/2023 at 11:31 By This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React

React to this headline:

Loading spinner

Beware: Lumma Stealer Distributed via Discord CDN Read More »

Exposing Infection Techniques Across Supply Chains and Codebases

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Mobile, Trend Micro Research : Network, Trend Micro Research : Research /

Exposing Infection Techniques Across Supply Chains and Codebases 05/10/2023 at 12:47 By This entry delves into threat actors’ intricate methods to implant malicious payloads within seemingly legitimate applications and codebases. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Exposing Infection Techniques Across Supply Chains and Codebases Read More »

Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Latest News /

Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign 21/09/2023 at 20:01 By This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to

React to this headline:

Loading spinner

Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign Read More »

Attacks on 5G Infrastructure From Users’ Devices

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : ICS OT, Trend Micro Research : IoT, Trend Micro Research : Malware, Trend Micro Research : Mobile, Trend Micro Research : Network, Trend Micro Research : Privacy & Risks /

Attacks on 5G Infrastructure From Users’ Devices 20/09/2023 at 11:03 By Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed,

React to this headline:

Loading spinner

Attacks on 5G Infrastructure From Users’ Devices Read More »

Scroll to Top