Vulnerabilities in Cellular Packet Cores Part IV: Authentication

Credit to Author: Richard Y Lin | Date: Wed, 18 Sep 2024 00:00:00 +0000

Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness: the lack of mandatory authentication procedures between base stations and packet cores.


Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities

Credit to Author: Hitomi Kimura | Date: Thu, 12 Sep 2024 00:00:00 +0000

In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software's WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671.


Earth Preta Evolves its Attacks with New Malware and Strategies

Credit to Author: Lenart Bermejo | Date: Mon, 09 Sep 2024 00:00:00 +0000

In this blog entry, we discuss our analysis of how Earth Preta has enhanced its attacks by introducing new tools, malware variants, and strategies to its worm-based attacks and its time-sensitive spear-phishing campaign.


TIDRONE Targets Military and Satellite Industries in Taiwan

Credit to Author: Pierre Lee | Date: Fri, 06 Sep 2024 00:00:00 +0000

Our research reveals that an unidentified threat cluster we named TIDRONE has shown significant interest in military-related industry chains, particularly in the manufacturers of drones.


Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command

Credit to Author: Mhica Romero | Date: Thu, 05 Sep 2024 00:00:00 +0000

The notorious Mekotio and BBTok banking trojans are having a resurgence targeting Latin American users. Mekotio's latest variant suggests the gang behind it is broadening its targets, while BBTok is seen abusing MSBuild.exe to evade detection.


Threat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool

Credit to Author: Mohamed Fahmy | Date: Thu, 29 Aug 2024 00:00:00 +0000

Threat actors are targeting users in the Middle East by distributing sophisticated malware disguised as the Palo Alto GlobalProtect tool.


Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem

Credit to Author: Abdelrahman Esmail | Date: Wed, 28 Aug 2024 00:00:00 +0000

A technical analysis of how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim's system.


A Dive into Earth Baku's Latest Campaign

Credit to Author: Ted Lee | Date: Fri, 09 Aug 2024 00:00:00 +0000

Since late 2022, Earth Baku has broadened its scope from the Indo-Pacific region to Europe, the Middle East, and Africa. Their latest operations demonstrate sophisticated techniques, such as exploiting public-facing applications like IIS servers for initial access and deploying the Godzilla webshell for command and control.
