Fileless Attacks Prompt Intel’s Next-Gen Security

Credit to Author: Lonny Huffar| Date: Thu, 11 Apr 2024 00:00:00 +0000

Discover how Trend is strengthening its endpoint solutions to detect fileless attacks earlier. By leveraging Intel Threat Detection Technology, Trend enhances the scalability and resiliency of its solutions.

Read more

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption

Credit to Author: Christopher Boyton| Date: Wed, 03 Apr 2024 00:00:00 +0000

Our new article provides key highlights and takeaways from Operation Cronos’ disruption of LockBit’s operations, as well as telemetry details on how LockBit actors operated post-disruption.

Read more

Why a Cloud Security Platform Approach is Critical

Credit to Author: Fernando Cardoso| Date: Wed, 03 Apr 2024 00:00:00 +0000

Explore how a cybersecurity platform with attack surface management and runtime protection capabilities can enhance your cloud security posture.

Read more

Earth Freybug Uses UNAPIMON for Unhooking Critical APIs

Credit to Author: Christopher So| Date: Tue, 02 Apr 2024 00:00:00 +0000

This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we’ve discovered and dubbed UNAPIMON.

Read more

TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types

Credit to Author: Junestherry Dela Cruz| Date: Tue, 19 Mar 2024 00:00:00 +0000

CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.

Read more

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks

Credit to Author: Joseph C Chen| Date: Mon, 18 Mar 2024 00:00:00 +0000

Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa.

Read more

CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign

Credit to Author: Peter Girnus| Date: Wed, 13 Mar 2024 00:00:00 +0000

In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412.

Read more