The Potential Impact of the OpenSSH Vulnerabilities CVE-2024–6387 and CVE-2024-6409

Credit to Author: Jagir Shastri| Date: Wed, 17 Jul 2024 00:00:00 +0000

We check the OpenSSH vulnerabilities CVE-2024–6387 and CVE-2024-6409, examining their potential real-world impact and the possibility of exploitation for CVE-2024–6387 in x64 systems.

Read more

Network detection & response: the SOC stress reliever

Credit to Author: Trend Micro Research| Date: Tue, 09 Jul 2024 00:00:00 +0000

Cybersecurity teams are well-equipped to handle threats to technology assets that they manage. But with unmanaged devices providing ideal spots for attackers to lurk unseen, network detection and response capabilities have become vitally important.

Read more

Why You Need Network Detection & Response Now

Credit to Author: Trend Micro Research| Date: Tue, 09 Jul 2024 00:00:00 +0000

Cybersecurity teams are well-equipped to handle threats to technology assets that they manage. But with unmanaged devices providing ideal spots for attackers to lurk unseen, network detection and response capabilities have become vitally important.

Read more

Turning Jenkins Into a Cryptomining Machine From an Attacker’s Perspective

Credit to Author: Shubham Singh| Date: Fri, 05 Jul 2024 00:00:00 +0000

In this blog entry, we will discuss how the Jenkins Script Console can be weaponized by attackers for cryptomining activity if not configured properly.

Read more

Mekotio Banking Trojan Threatens Financial Systems in Latin America

Credit to Author: Trend Micro Research| Date: Thu, 04 Jul 2024 00:00:00 +0000

We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we’ll provide an overview of the trojan and what it does.

Read more

AI Pulse: Siri Says Hi to OpenAI, Deepfake Olympics & more

Credit to Author: AI Team| Date: Fri, 28 Jun 2024 00:00:00 +0000

AI Pulse is a new blog series from Trend Micro on the latest cybersecurity AI news. In this edition: Siri says hi to OpenAI, fraud hogs the AI cybercrime spotlight, and why the Paris Olympics could be a hotbed of deepfakery.

Read more

Examining Water Sigbin’s Infection Routine Leading to an XMRig Cryptominer

Credit to Author: Ahmed Mohamed Ibrahim | Date: Fri, 28 Jun 2024 00:00:00 +0000

We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner.

Read more

Omdia Report: Trend Disclosed 60% of Vulnerabilities

Credit to Author: Dustin Childs| Date: Tue, 25 Jun 2024 00:00:00 +0000

The latest Omdia Vulnerability Report shows Trend MicroTM Zero Day InitiativeTM (ZDI) spearheaded 60% of 2023 disclosures, underscoring its role in cybersecurity threat prevention.

Read more

Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers

Credit to Author: Sunil Bharti| Date: Thu, 06 Jun 2024 00:00:00 +0000

We analyze a cryptojacking attack campaign exploiting exposed Docker remote API servers to deploy cryptocurrency miners, using Docker images from the open-source Commando project.

Read more

RSAC 2024 Review: AI & Data Governance Priorities

Credit to Author: Shannon Murphy| Date: Tue, 28 May 2024 00:00:00 +0000

Get our take on the RSA 2024 conference where we review some of the major topics covered such as AI and data governance.

Read more