Latest on OpenSSL 3.0.7 Critical Bug & Security-Fix
Credit to Author: Eric Skinner| Date: Mon, 31 Oct 2022 00:00:00 +0000
Potential disruptions following vulnerabilities found in OpenSSL.
Read moretrend micro research : articles, news, reports
Manufacturing Cybersecurity: Trends & Survey Response
Credit to Author: Mayumi Nishimura| Date: Fri, 28 Oct 2022 00:00:00 +0000
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations.
Read moreWhere is the Origin?: QAKBOT Uses Valid Code Signing
Credit to Author: Hitomi Kimura| Date: Thu, 27 Oct 2022 00:00:00 +0000
Code signing certificates help us assure the file’s validity and legitimacy. However, threat actors can use that against us. In this blog, discover how QAKBOT use such tactic and learn ways how to prevent it.
Read moreFrom Bounty to Exploit: Observations About Cybercriminal Contests
Credit to Author: David Sancho| Date: Thu, 27 Oct 2022 00:00:00 +0000
From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog, we discuss our takeaways and summarize the results of these contests.
Read moreAddressing Ransomware in Hospitals & Medical Devices
Credit to Author: Ericka Pingol| Date: Wed, 26 Oct 2022 00:00:00 +0000
Ransomware attacks have been on the rise in recent years, and hospitals are increasingly becoming targets. In many cases, these attacks can have devastating consequences, disrupting vital services and putting patients’ lives at risk.
Read moreThreat Actors Target AWS EC2 Workloads to Steal Credentials
Credit to Author: Nitesh Surana| Date: Wed, 26 Oct 2022 00:00:00 +0000
We found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) Workloads’ access keys and tokens via typosquatting and the abuse of legitimate tools.
Read moreLV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company
Credit to Author: Mohamed Fahmy| Date: Tue, 25 Oct 2022 00:00:00 +0000
Our blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint
Read moreUncovering Security Blind Spots in CNC Machines
Credit to Author: Marco Balduzzi| Date: Mon, 24 Oct 2022 00:00:00 +0000
Industry 4.0 has given rise to smart factories that have markedly improved machining processes, but it has also opened the doors for cybercriminals looking to abuse networked industrial equipment such as CNC machines. Our research investigates potential cyberthreats to CNC machines and how manufacturers can mitigate the associated risks.
Read moreTeamTNT Returns – or Does It?
Credit to Author: Sunil Bharti| Date: Wed, 19 Oct 2022 00:00:00 +0000
Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines employed by cybercriminal group TeamTNT, which was said to have quit in November 2021. Our investigation shows that another threat actor group, WatchDog, might be mimicking TeamTNT’s arsenal.
Read moreOil and Gas Cybersecurity: Trends & Response to Survey
Credit to Author: Mayumi Nishimura| Date: Thu, 13 Oct 2022 00:00:00 +0000
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations.
Read more