Integrated DFIR Tool Can Simplify and Accelerate Cyber Forensics

Credit to Author: Joyce Huang| Date: Thu, 07 Dec 2023 00:00:00 +0000

Explore real use cases demonstrating the transformative impact of Trend Vision One™ – Forensics, an integrated Digital Forensics and Incident Response (DFIR) tool

Read more

Modern Attack Surface Management for CISOs

Credit to Author: Alifiya Sadikali| Date: Wed, 06 Dec 2023 00:00:00 +0000

Today’s attack surface requires modern processes and security solutions. Explore the tenants of modern attack surface management (ASM) and what CISOs need to look for in an ASM solution.

Read more

Opening Critical Infrastructure: The Current State of Open RAN Security

Credit to Author: Salim S.I.| Date: Fri, 01 Dec 2023 00:00:00 +0000

The Open Radio Access Network (ORAN) architecture provides standardized interfaces and protocols to previously closed systems. However, our research on ORAN demonstrates the potential threat posed by malicious xApps that are capable of compromising the entire Ran Intelligent Controller (RIC) subsystem.

Read more

Cloud Security Predictions at AWS re:Invent 2023

Credit to Author: Jon Clay| Date: Mon, 27 Nov 2023 00:00:00 +0000

Heading to AWS re:Invent 2023? Don’t miss out on our talk with Melinda Marks, ESG Practice Director for Cybersecurity, about cloud detection and response (CDR) and what’s trending in cloud security.

Read more

Modern Attack Surface Management for Cloud Teams

Credit to Author: Alifiya Sadikali| Date: Mon, 27 Nov 2023 00:00:00 +0000

Today’s attack surface requires modern processes and security solutions. Explore the tenants of modern attack surface management (ASM) and what Cloud teams need to look for in an ASM solution.

Read more

ParaSiteSnatcher: How Malicious Chrome Extensions Target Brazil

Credit to Author: Aliakbar Zahravi| Date: Thu, 23 Nov 2023 00:00:00 +0000

We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.

Read more

Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing

Credit to Author: Hitomi Kimura| Date: Wed, 22 Nov 2023 00:00:00 +0000

The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.

Read more

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

Credit to Author: Peter Girnus| Date: Mon, 20 Nov 2023 00:00:00 +0000

We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.

Read more

ALPHV/BlackCat Take Extortion Public

Credit to Author: Jon Clay| Date: Fri, 17 Nov 2023 00:00:00 +0000

Learn more about ALPHV filing a complaint with the Security and Exchange Commission (SEC) against their victim, which appears to be an attempt to influence MeridianLink to pay the ransom sooner than later.

Read more