Credit to Author: Junestherry Dela Cruz| Date: Tue, 19 Mar 2024 00:00:00 +0000
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
Read moreCredit to Author: Arun Shaji| Date: Tue, 19 Mar 2024 00:00:00 +0000
Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897.
Read moreCredit to Author: Peter Girnus| Date: Wed, 13 Mar 2024 00:00:00 +0000
In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412.
Read moreCredit to Author: Ian Kenefick| Date: Tue, 27 Feb 2024 00:00:00 +0000
This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry.
Read moreCredit to Author: David Chow| Date: Tue, 13 Feb 2024 00:00:00 +0000
Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024.
Read moreCredit to Author: Trend Micro Research| Date: Tue, 13 Feb 2024 00:00:00 +0000
This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability.
Read moreCredit to Author: Peter Girnus| Date: Tue, 13 Feb 2024 00:00:00 +0000
The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.
Read moreCredit to Author: Jagir Shastri| Date: Wed, 07 Feb 2024 00:00:00 +0000
In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution.
Read moreCredit to Author: Alifiya Sadikali| Date: Tue, 06 Feb 2024 00:00:00 +0000
Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the cloud—for more proactive risk management.
Read moreCredit to Author: Feike Hacquebord| Date: Wed, 31 Jan 2024 00:00:00 +0000
Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted.
Read more