Examining Water Sigbin’s Infection Routine Leading to an XMRig Cryptominer

Credit to Author: Ahmed Mohamed Ibrahim | Date: Fri, 28 Jun 2024 00:00:00 +0000

We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRig cryptominer.

Omdia Report: Trend Disclosed 60% of Vulnerabilities

Credit to Author: Dustin Childs | Date: Tue, 25 Jun 2024 00:00:00 +0000

The latest Omdia Vulnerability Report shows Trend Micro™ Zero Day Initiative™ (ZDI) spearheaded 60% of 2023 disclosures, underscoring its role in cybersecurity threat prevention.

Decoding Water Sigbin’s Latest Obfuscation Tricks

Credit to Author: Sunil Bharti | Date: Thu, 30 May 2024 00:00:00 +0000

Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against.

Importance of Scanning Files on Uploader Applications

Credit to Author: Fernando Cardoso | Date: Fri, 12 Apr 2024 00:00:00 +0000

Delve into the crucial practice of file scanning within uploader applications, and learn defensive measures to safeguard against malicious threats like malware.

Why a Cloud Security Platform Approach is Critical

Credit to Author: Fernando Cardoso | Date: Wed, 03 Apr 2024 00:00:00 +0000

Explore how a cybersecurity platform with attack surface management and runtime protection capabilities can enhance your cloud security posture.

TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types

Credit to Author: Junestherry Dela Cruz | Date: Tue, 19 Mar 2024 00:00:00 +0000

CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.

CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign

Credit to Author: Peter Girnus | Date: Wed, 13 Mar 2024 00:00:00 +0000

In addition to our Water Hydra APT zero-day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign, which we discovered in mid-January 2024, in which DarkGate operators exploited CVE-2024-21412.

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

Credit to Author: Ian Kenefick | Date: Tue, 27 Feb 2024 00:00:00 +0000

This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry.

Global Cybersecurity Trends: AI, Geopolitical Risks, and Zero Trust

Credit to Author: David Chow | Date: Tue, 13 Feb 2024 00:00:00 +0000

Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024.