What to Do About Log4j
Credit to Author: William Malik| Date: Tue, 21 Dec 2021 00:00:00 +0000
Learn more about some tactical measures people are already taking, and some strategic guidance for what to do after the immediate crisis abates.
Read moretrend micro research : articles, news, reports
Are Endpoints at Risk for Log4Shell Attacks?
We created a free assessment tool for scanning devices to know whether it is at risk for Log4Shell attacks.
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
Credit to Author: Abraham Camba| Date: Fri, 17 Dec 2021 00:00:00 +0000
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign.
Read moreThis Week in Security News – December 17, 2021
Credit to Author: Jon Clay| Date: Fri, 17 Dec 2021 00:00:00 +0000
This week, read on Purple Fox’s infection chain observed by Trend Micro’s Managed XDR. Also, learn about the Log4j vulnerability that has the potential to cause ‘incalculable’ damage.
Read moreVolatile and Adaptable: Tracking the Movements of Modern Ransomware
Credit to Author: Trend Micro Research| Date: Wed, 15 Dec 2021 00:00:00 +0000
Trend Micro’s tracking of modern ransomware, as well as of older families, shows which attacks are gaining momentum and which families are particularly dangerous for enterprises and private users.
Read moreCollecting In the Dark: Tropic Trooper Targets Transportation and Government
Credit to Author: Nick Dai| Date: Tue, 14 Dec 2021 00:00:00 +0000
Our long-term monitoring of the cyberespionage group Earth Centaur (aka Tropic Trooper) shows that the threat actors are equipped with new tools and techniques. The group seems to be targeting transportation companies and government agencies related to transportation.
Read morePatch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited
Credit to Author: Ranga Duraisamy| Date: Mon, 13 Dec 2021 00:00:00 +0000
Log4Shell., also known as CVE-2021-44228, was first reported privately to Apache on November 24 and was patched with version 2.15.0 of Log4j on December 9. It affects Apache Struts, Apache Solr, Apache Druid, Elasticsearch, Apache Dubbo, and VMware vCenter.
Read moreA Look Into Purple Fox’s Server Infrastructure
Credit to Author: Jay Yaneza| Date: Mon, 13 Dec 2021 00:00:00 +0000
By examining Purple Fox’s routines and activities, both with our initial research and the subject matter we cover in this blog post, we hope to help incident responders, security operation centers (SOCs), and security researchers find and weed out Purple Fox infections in their network.
Read moreThis Week in Security News – December 10, 2021
Credit to Author: Jon Clay| Date: Fri, 10 Dec 2021 00:00:00 +0000
This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure.
Read moreNew Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes
Credit to Author: Don Ovid Ladores| Date: Fri, 10 Dec 2021 00:00:00 +0000
We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these samples is that the files are code-signed. They also terminate various processes which are related to database and backup management.
Read more