CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Credit to Author: Peter Girnus | Date: Fri, 12 Jan 2024 00:00:00 +0000

This blog delves into the Phemedrone Stealer campaign’s exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware’s payload.


Opening Critical Infrastructure: The Current State of Open RAN Security

Credit to Author: Salim S.I. | Date: Fri, 01 Dec 2023 00:00:00 +0000

The Open Radio Access Network (ORAN) architecture provides standardized interfaces and protocols to previously closed systems. However, our research on ORAN demonstrates the potential threat posed by malicious xApps that are capable of compromising the entire RAN Intelligent Controller (RIC) subsystem.


CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

Credit to Author: Peter Girnus | Date: Mon, 20 Nov 2023 00:00:00 +0000

We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and a cryptocurrency miner.


Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

Credit to Author: Sophia Nilette Robles | Date: Fri, 10 Nov 2023 00:00:00 +0000

We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations.


Beware: Lumma Stealer Distributed via Discord CDN

Credit to Author: Carl Malipot | Date: Mon, 16 Oct 2023 00:00:00 +0000

This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and describes the capabilities added to this information-stealing malware.


Exposing Infection Techniques Across Supply Chains and Codebases

Credit to Author: Aliakbar Zahravi | Date: Thu, 05 Oct 2023 00:00:00 +0000

This entry delves into threat actors’ intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.


Decoding Turla: Trend Micro’s MITRE Performance

Credit to Author: Shannon Murphy | Date: Thu, 21 Sep 2023 00:00:00 +0000

This year, the MITRE Engenuity ATT&CK evaluation tested cybersecurity vendors against simulated attack scenarios mimicking the adversary group “Turla.” Learn about Trend Micro’s 100% successful protection performance.


Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign

Credit to Author: Cedric Pernet | Date: Thu, 21 Sep 2023 00:00:00 +0000

This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud.


Attacks on 5G Infrastructure From Users’ Devices

Credit to Author: Salim S.I. | Date: Wed, 20 Sep 2023 00:00:00 +0000

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sector use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case for deploying a denial-of-service (DoS) attack against private 5G networks.
