Credit to Author: Junestherry Dela Cruz| Date: Tue, 19 Mar 2024 00:00:00 +0000
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
Read moreCredit to Author: Cedric Pernet| Date: Mon, 26 Feb 2024 00:00:00 +0000
During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets.
Read moreCredit to Author: Trend Micro Research| Date: Thu, 22 Feb 2024 00:00:00 +0000
This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulting in the undermining of its operations.
Read moreCredit to Author: Sunny Lu| Date: Tue, 20 Feb 2024 00:00:00 +0000
In this blog entry, we focus on Earth Preta’s campaign that employed a variant of the DOPLUGS malware to target Asian countries.
Read moreCredit to Author: Shannon Murphy| Date: Thu, 08 Feb 2024 00:00:00 +0000
After a full year of life with ChatGPT cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks – learn what generative AI means for cybersecurity in 2024.
Read moreCredit to Author: Buddy Tancio| Date: Mon, 11 Dec 2023 00:00:00 +0000
This blog entry delves into MxDR’s unraveling of the AsyncRAT infection chain across multiple cases, shedding light on the misuse of aspnet_compiler.exe, a legitimate Microsoft process originally designed for precompiling ASP.NET web applications.
Read moreCredit to Author: Hitomi Kimura| Date: Wed, 22 Nov 2023 00:00:00 +0000
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
Read moreCredit to Author: Veronica Chierzi| Date: Tue, 14 Nov 2023 00:00:00 +0000
This blog entry explores the effectiveness of ChatGPT’s safety measures, the potential for AI technologies to be misused by criminal actors, and the limitations of current AI models.
Read moreCredit to Author: Buddy Tancio| Date: Thu, 09 Nov 2023 00:00:00 +0000
We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.
Read moreCredit to Author: Carl Malipot| Date: Mon, 16 Oct 2023 00:00:00 +0000
This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware.
Read more