trend micro research : endpoints – Page 3

Noodle RAT: Reviewing the New Backdoor Used by Chinese-Speaking Groups

June 11, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : malware, trend micro research : research

Credit to Author: Hara Hiroaki| Date: Tue, 11 Jun 2024 00:00:00 +0000

This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.

Security TrendMicro

Decoding Water Sigbin’s Latest Obfuscation Tricks

May 29, 2024 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : endpoints, trend micro research : exploits & vulnerabilities, trend micro research : reports, trend micro research : research

Credit to Author: Sunil Bharti| Date: Thu, 30 May 2024 00:00:00 +0000

Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against.

Security TrendMicro

Cybersecurity Decluttered: A Journey to Consolidation

April 15, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : expert perspective, trend micro research : network

Credit to Author: David Ng| Date: Fri, 12 Apr 2024 00:00:00 +0000

Learn how far cybersecurity has come from scattered resources to consolidation the future.

Security TrendMicro

How Red Team Exercises Increases Your Cyber Health

April 15, 2024 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : network, trend micro research : phishing, trend micro research : security strategies

Credit to Author: Johnny Krogsboll| Date: Thu, 11 Apr 2024 00:00:00 +0000

Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively.

Security TrendMicro

Earth Freybug Uses UNAPIMON for Unhooking Critical APIs

April 15, 2024 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : research

Credit to Author: Christopher So| Date: Tue, 02 Apr 2024 00:00:00 +0000

This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we’ve discovered and dubbed UNAPIMON.

Security TrendMicro

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script

April 15, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : ransomware, trend micro research : research

Credit to Author: Arianne Dela Cruz| Date: Tue, 26 Mar 2024 00:00:00 +0000

This blog entry discusses the Agenda ransomware group’s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers.

Security TrendMicro

TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types

March 20, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : exploits & vulnerabilities, trend micro research : malware, trend micro research : ransomware, trend micro research : research

Credit to Author: Junestherry Dela Cruz| Date: Tue, 19 Mar 2024 00:00:00 +0000

CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.

Security TrendMicro

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks

March 18, 2024 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : research

Credit to Author: Joseph C Chen| Date: Mon, 18 Mar 2024 00:00:00 +0000

Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa.

Security TrendMicro

Unveiling Earth Kapre aka RedCurl’s Cyberespionage Tactics With Trend Micro MDR, Threat Intelligence

March 6, 2024 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : research

Credit to Author: Buddy Tancio| Date: Wed, 06 Mar 2024 00:00:00 +0000

This blog entry will examine Trend Micro MDR team’s investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged threat intelligence to attribute the extracted evidence to the cyberespionage threat group.

Security TrendMicro

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

March 4, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : cyber crime, trend micro research : endpoints, trend micro research : ransomware, trend micro research : research

Credit to Author: Nathaniel Morales| Date: Mon, 04 Mar 2024 00:00:00 +0000

The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact.