Turning Jenkins Into a Cryptomining Machine From an Attacker’s Perspective

Credit to Author: Shubham Singh| Date: Fri, 05 Jul 2024 00:00:00 +0000

In this blog entry, we will discuss how the Jenkins Script Console can be weaponized by attackers for cryptomining activity if not configured properly.

Read more

AI Pulse: Siri Says Hi to OpenAI, Deepfake Olympics & more

Credit to Author: AI Team| Date: Fri, 28 Jun 2024 00:00:00 +0000

AI Pulse is a new blog series from Trend Micro on the latest cybersecurity AI news. In this edition: Siri says hi to OpenAI, fraud hogs the AI cybercrime spotlight, and why the Paris Olympics could be a hotbed of deepfakery.

Read more

Examining Water Sigbin’s Infection Routine Leading to an XMRig Cryptominer

Credit to Author: Ahmed Mohamed Ibrahim | Date: Fri, 28 Jun 2024 00:00:00 +0000

We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner.

Read more

Omdia Report: Trend Disclosed 60% of Vulnerabilities

Credit to Author: Dustin Childs| Date: Tue, 25 Jun 2024 00:00:00 +0000

The latest Omdia Vulnerability Report shows Trend MicroTM Zero Day InitiativeTM (ZDI) spearheaded 60% of 2023 disclosures, underscoring its role in cybersecurity threat prevention.

Read more

Decoding Water Sigbin’s Latest Obfuscation Tricks

Credit to Author: Sunil Bharti| Date: Thu, 30 May 2024 00:00:00 +0000

Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against.

Read more

Importance of Scanning Files on Uploader Applications

Credit to Author: Fernando Cardoso| Date: Fri, 12 Apr 2024 00:00:00 +0000

Delve into the crucial practice of file scanning within uploader applications, and learn defensive measures to safeguards against malicious threats like malware.

Read more

Why a Cloud Security Platform Approach is Critical

Credit to Author: Fernando Cardoso| Date: Wed, 03 Apr 2024 00:00:00 +0000

Explore how a cybersecurity platform with attack surface management and runtime protection capabilities can enhance your cloud security posture.

Read more

TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types

Credit to Author: Junestherry Dela Cruz| Date: Tue, 19 Mar 2024 00:00:00 +0000

CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.

Read more

CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign

Credit to Author: Peter Girnus| Date: Wed, 13 Mar 2024 00:00:00 +0000

In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412.

Read more