Link Trap: GenAI Prompt Injection Attack

Credit to Author: Jay Liao| Date: Tue, 10 Dec 2024 00:00:00 +0000

Prompt injection exploits vulnerabilities in generative AI to manipulate its behavior, even without extensive permissions. This attack can expose sensitive data, making awareness and preventive measures essential. Learn how it works and how to stay protected.

Read more

MITRE ATT&CK 2024 Results for Enterprise Security

Credit to Author: Mike Grodzki| Date: Mon, 09 Dec 2024 00:00:00 +0000

Enterprise 2024 will incorporate multiple, smaller emulations for a more nuanced and targeted evaluation of defensive capabilities. We’re excited to offer two distinct adversary focus areas: Ransomware targeting Windows and Linux, and the Democratic People’s Republic of Korea’s targeting macOS.

Read more

AI Pulse: The Good from AI and the Promise of Agentic

Credit to Author: AI Team| Date: Sun, 01 Dec 2024 00:00:00 +0000

The perils of AI get a lot of airtime, but what are the upsides? This issue of AI Pulse looks at some of the good AI can bring, from strengthening cybersecurity to driving health breakthroughs—and how the coming wave of agentic AI is going to take those possibilities to a whole new level.

Read more

Guess Who’s Back – The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024

Credit to Author: Hara Hiroaki| Date: Tue, 26 Nov 2024 00:00:00 +0000

Trend Micro has identified a spear-phishing campaign active in Japan since June 2024. Evidence about the malware used by this campaign suggests this was part of a new operation by Earth Kasha.

Read more

Spot the Difference: Earth Kasha’s New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella

Credit to Author: Hara Hiroaki| Date: Tue, 19 Nov 2024 00:00:00 +0000

LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. We have identified a new campaign connected to this group with significant updates to their strategy, tactics, and arsenals.

Read more

Breaking Down Earth Estries’ Persistent TTPs in Prolonged Cyber Operations

Credit to Author: Ted Lee| Date: Fri, 08 Nov 2024 00:00:00 +0000

Discover how Earth Estries employs a diverse set of tactics, techniques, and tools, including malware such as Zingdoor and Snappybee, for its campaigns.

Read more

Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis

Credit to Author: Ryan Maglaque| Date: Thu, 24 Oct 2024 00:00:00 +0000

While cyberattacks that employ web shells and VPN compromise are not particularly novel, they are still prevalent. The recent incidents that Trend Micro MXDR analyzed highlight the importance of behavioral analysis and anomaly detection in security measures.

Read more

Unmasking Prometei: A Deep Dive Into Our MXDR Findings

Credit to Author: Buddy Tancio| Date: Wed, 23 Oct 2024 00:00:00 +0000

How does Prometei insidiously operate in a compromised system? This Managed Extended Detection and Response investigation conducted with the help of Trend Vision One provides a comprehensive analysis of the inner workings of this botnet so users can stop the threat in its tracks before it inflicts damage to the system.

Read more

Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware

Credit to Author: Charles Adrian Marty| Date: Mon, 14 Oct 2024 00:00:00 +0000

Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses.

Read more

Cybersecurity Compass: Bridging the Communication Gap

Credit to Author: Juan Pablo Castro| Date: Thu, 26 Sep 2024 00:00:00 +0000

Discover how to use the Cybersecurity Compass to foster effective conversations about cybersecurity strategy between non-technical and technical audiences, focusing on the phases of before, during, and after a breach.

Read more