This Week in Security News – January 14, 2022

Credit to Author: Jon Clay| Date: Fri, 14 Jan 2022 00:00:00 +0000

This week, read about how crucial it is for security teams to adopt an integrated approach to threat detection, such as remote control, and Congress’s plan to update the Federal Information Security Management Act (FISMA) for the first time in eight years.

Read more

Uncovering and Defending Systems Against Attacks With Layers of Remote Control

Credit to Author: Abraham Camba| Date: Mon, 10 Jan 2022 00:00:00 +0000

The Trend Micro™ Managed XDR team addressed a stealthy multilayered attack that progressed from an exploited endpoint vulnerability to the use of legitimate remote access tools including Remote Desktop Protocol (RDP) as its final means of intrusion.

Read more

Codex Exposed: Exploring the Capabilities and Risks of OpenAI’s Code Generator

Credit to Author: Forward-Looking Threat Research Team| Date: Fri, 07 Jan 2022 00:00:00 +0000

The first of a series of blog posts examines the security risks of Codex, a code generator powered by the GPT-3 engine.

Read more

This Week in Security News – January 7, 2022

Credit to Author: Jon Clay| Date: Fri, 07 Jan 2022 00:00:00 +0000

This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones.

Read more

What to Do About Log4j

Credit to Author: William Malik| Date: Tue, 21 Dec 2021 00:00:00 +0000

Learn more about some tactical measures people are already taking, and some strategic guidance for what to do after the immediate crisis abates.

Read more

Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager

Credit to Author: Abraham Camba| Date: Fri, 17 Dec 2021 00:00:00 +0000

We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign.

Read more

This Week in Security News – December 17, 2021

Credit to Author: Jon Clay| Date: Fri, 17 Dec 2021 00:00:00 +0000

This week, read on Purple Fox’s infection chain observed by Trend Micro’s Managed XDR. Also, learn about the Log4j vulnerability that has the potential to cause ‘incalculable’ damage.

Read more

This Week in Security News – December 10, 2021

Credit to Author: Jon Clay| Date: Fri, 10 Dec 2021 00:00:00 +0000

This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure.

Read more

The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs

Credit to Author: Veronica Chierzi| Date: Thu, 09 Dec 2021 00:00:00 +0000

In our study, we relied on the tactics, techniques, and procedures of MITRE ATT&CK to define the malware capabilities and characteristics of IoT Linux malware. We describe our findings and how IoT malware has been evolving.

Read more