trend micro research : articles, news, reports – Page 28

Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike

Credit to Author: Ian Kenefick| Date: Wed, 12 Oct 2022 00:00:00 +0000

We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware.

Security TrendMicro

How Water Labbu Exploits Electron-Based Applications

October 5, 2022 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cyber threats, trend micro research : research, trend micro research : web

Credit to Author: Joseph C Chen| Date: Wed, 05 Oct 2022 00:00:00 +0000

In the second part of our Water Labbu blog series, we explore how the threat actor exploits Electron-based applications using Cobalt Strike to deploy backdoors.

Security TrendMicro

Tracking Earth Aughisky’s Malware and Changes

October 4, 2022 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : ics ot, trend micro research : malware, trend micro research : network, trend micro research : web

Credit to Author: CH Lei| Date: Tue, 04 Oct 2022 00:00:00 +0000

For over 10 years, security researchers have been observing and keeping tabs of APT group Earth Aughisky’s malware families and the connections, including previously documented malware that have yet to be attributed.

Security TrendMicro

Water Labbu Abuses Malicious DApps to Steal Cryptocurrency

October 3, 2022 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : research, trend micro research : web

Credit to Author: Joseph C Chen| Date: Mon, 03 Oct 2022 00:00:00 +0000

The parasitic Water Labbu capitalizes on the social engineering schemes of other scammers, injecting malicious JavaScript code into their malicious decentralized application websites to steal cryptocurrency.

Security TrendMicro

Stronger Cloud Security in Azure Function Using Custom Cloud Container

September 29, 2022 0 Comments trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : research

Credit to Author: David Fiser| Date: Thu, 29 Sep 2022 00:00:00 +0000

In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Function.

Security TrendMicro

Stronger Cloud Security in Azure Functions Using Custom Cloud Container

September 29, 2022 0 Comments trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : research

Credit to Author: David Fiser| Date: Thu, 29 Sep 2022 00:00:00 +0000

In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Functions.

Security TrendMicro

Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

September 21, 2022 0 Comments trend micro research : articles, news, reports, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : exploits & vulnerabilities, trend micro research : malware, trend micro research : mobile

Credit to Author: Sunil Bharti| Date: Wed, 21 Sep 2022 00:00:00 +0000

Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining.

Security TrendMicro

Security Risks in Logistics APIs Used by E-Commerce Platforms

September 20, 2022 0 Comments trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : exploits & vulnerabilities, trend micro research : medium, trend micro research : research

Credit to Author: Ryan Flores| Date: Tue, 20 Sep 2022 00:00:00 +0000

Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially expose the consumers’ personal information. We discuss the security risks that such flaws present for software engineers, e-commerce platform providers, and consumers.

Security TrendMicro

A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities

September 14, 2022 0 Comments trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : exploits & vulnerabilities, trend micro research : research

Credit to Author: Sunil Bharti| Date: Wed, 14 Sep 2022 00:00:00 +0000

This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.