Category: Trend Micro Research, News and Perspectives

Since the end of 2024, we have been continuously monitoring large-scale DDoS attacks orchestrated by an IoT botnet exploiting vulnerable IoT devices such as wireless routers and IP cameras. This article has been indexed from Trend Micro Research, News and…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating A Web Shell Intrusion With…

Read more →

Our research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data. This article has been indexed from Trend Micro Research, News and Perspectives Read…

Read more →

Our blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Information Stealer Masquerades as LDAPNightmare…

Read more →

Trend Micro leads the way by mapping its Container Security detection capabilities to the MITRE ATT&CK framework for Containers and contributing real-world attack data. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that IT and SOC professionals need to know to stay protected against possible exploitation. This article has been indexed from Trend Micro Research, News and Perspectives Read…

Read more →

In this edition of AI Pulse, let’s look back at top AI trends from 2024 in the rear view so we can more clearly predicts AI trends for 2025 and beyond. This article has been indexed from Trend Micro Research,…

Read more →

In this blog entry, Trend Micro’s Managed XDR team discuss their investigation into how the latest variant of NodeStealer is delivered through spear-phishing attacks, potentially leading to malware execution, data theft, and the exfiltration of sensitive information via Telegram. This…

Read more →

Prompt injection exploits vulnerabilities in generative AI to manipulate its behavior, even without extensive permissions. This attack can expose sensitive data, making awareness and preventive measures essential. Learn how it works and how to stay protected. This article has been…

Read more →

In this blog entry, we discuss a social engineering attack that tricked the victim into installing a remote access tool, triggering DarkGate malware activities and an attempted C&C connection. This article has been indexed from Trend Micro Research, News and…

Read more →

Trend threat intelligence and training were crucial to the success of two major policing operations in 2024 This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: INTERPOL & Trend’s Fight Against Cybercrime

Read more →

Trend Micro’s monitoring of the MOONSHINE exploit kit revealed how it’s used by the threat actor Earth Minotaur to exploit Android messaging app vulnerabilities and install the DarkNimbus backdoor for surveillance. This article has been indexed from Trend Micro Research,…

Read more →

Our research into Retrieval Augmented Generation (RAG) systems uncovered at least 80 unprotected servers. We highlight this problem, which can lead to potential data loss and unauthorized access. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

Highlights from the recent discussion between Trend Micro’s David Roth, CRO Enterprise America, and guest speaker Jeff Pollard, VP, Principal Analyst, Forrester about AI hype versus reality and how to secure AI in the workplace. This article has been indexed…

Read more →

Trend Micro researchers, in collaboration with Japanese authorities, analyzed links between SEO malware families used in SEO poisoning attacks that lead users to fake shopping sites. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

Discover how Earth Estries employs a diverse set of tactics, techniques, and tools, including malware such as Zingdoor and Snappybee, for its campaigns. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Breaking…

Read more →

Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what SOC teams had to say. This article has been indexed from Trend…

Read more →

In the final weeks before November’s U.S. election, cybersecurity experts were calling October 2024 the “month of mischief”—a magnet for bad actors looking to disrupt the democratic process through AI-generated misinformation. This issue of AI Pulse looks at what can…

Read more →

In this blog entry, we discuss how an attacker took advantage of the Atlassian Confluence vulnerability CVE-2023-22527 to connect servers to the Titan Network for cryptomining purposes. This article has been indexed from Trend Micro Research, News and Perspectives Read…

Read more →

While cyberattacks that employ web shells and VPN compromise are not particularly novel, they are still prevalent. The recent incidents that Trend Micro MXDR analyzed highlight the importance of behavioral analysis and anomaly detection in security measures. This article has…

Read more →

How does Prometei insidiously operate in a compromised system? This Managed Extended Detection and Response investigation conducted with the help of Trend Vision One provides a comprehensive analysis of the inner workings of this botnet so users can stop the…

Read more →

How does Prometei insidiously operate in a compromised system? This Managed Extended Detection and Response investigation conducted with the help of Trend Vision One provides a comprehensive analysis of the inner workings of this botnet so users can stop the…

Read more →

In this blog entry, we discuss how malicious actors are exploiting Docker remote API servers via gRPC/h2c to deploy the cryptominer SRBMiner to facilitate their mining of XRP on Docker hosts. This article has been indexed from Trend Micro Research,…

Read more →

We observed an unknown threat actor abusing exposed Docker remote API servers to deploy the perfctl malware. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Attackers Target Exposed Docker Remote API Servers…

Read more →

As businesses increasingly pivot to cloud-native applications, the landscape of cybersecurity becomes ever more challenging. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Gartner 2024 CNAPP Market Guide Insights for Leaders

Read more →

Highlights from the recent discussion between Trend Micro’s David Roth, CRO Enterprise America, and guest speaker Jeff Pollard, VP, Principal Analyst, Forrester about AI hype versus reality and how to secure AI in the workplace. This article has been indexed…

Read more →

This is the latest blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How to…

Read more →

This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions. This article has been indexed from…

Read more →

Trend Micro’s Threat Hunting Team discovered EDRSilencer, a red team tool that threat actors are attempting to abuse for its ability to block EDR traffic and conceal malicious activity. This article has been indexed from Trend Micro Research, News and…

Read more →

Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses. This…

Read more →

Trend Micro’s investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to critical sectors in the UAE. This article has been indexed from Trend Micro Research,…

Read more →

A deep-dive into how AI-driven solutions from Trend Micro leveraging the NVIDIA AI Enterprise software platform are elevating security across critical industries This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Harnessing AI…

Read more →

This is the fourth blog post in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Rogue…

Read more →

Trend Micro MDR (Managed Detection and Response) team promptly mitigated a more_eggs infection. Using Vision One, MDR illustrated how Custom Filters/Models and Security Playbook can be used to automate the response to more_eggs and similar threats. This article has been…

Read more →

On Wednesday, NVIDA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk. This article has been indexed from Trend Micro Research,…

Read more →

Discover how to use the Cybersecurity Compass to foster effective conversations about cybersecurity strategy between non-technical and technical audiences, focusing on the phases of before, during, and after a breach. This article has been indexed from Trend Micro Research, News…

Read more →

Trend Micro tracked this group as Water Bakunawa, behind the RansomHub ransomware, employs various anti-EDR techniques to play a high-stakes game of hide and seek with security solutions. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China. This article has been indexed from Trend Micro Research, News and…

Read more →

Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base…

Read more →

In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671. This article has been indexed from Trend Micro Research, News and…

Read more →

In this blog entry, we discuss our analysis of Earth Preta’s enhancements in their attacks by introducing new tools, malware variants and strategies to their worm-based attacks and their time-sensitive spear-phishing campaign. This article has been indexed from Trend Micro…

Read more →

Our research reveals that an unidentified threat cluster we named TIDRONE have shown significant interest in military-related industry chains, particularly in the manufacturers of drones. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Read more →

Notorious Mekotio and BBTok are having a resurgence targeting Latin American users. Mekotio’s latest variant suggests the gang behind it is broadening their target, while BBTok is seen abusing MSBuild.exe to evade detection. This article has been indexed from Trend…

Read more →

While monitoring Earth Lusca, we discovered the threat group’s use of KTLVdoor, a highly obfuscated multiplatform backdoor, as part of a large-scale attack campaign. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

This is the second blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How AI…

Read more →

Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Silent Intrusions:…

Read more →

Threat actors are targeting users in the Middle East by distributing sophisticated malware disguised as the Palo Alto GlobalProtect tool. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Threat Actors Target the…

Read more →

A technical analysis on how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cryptojacking via…

Read more →

The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews seven key initial attack vectors and provides proactive security tips to help you reduce cyber risk across the attack surface. This article has…

Read more →

Using the Trend Micro Vision One platform, our MDR team was able to quickly identify and contain a Play ransomware intrusion attempt. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How Trend…

Read more →

This is the first blog in a series on Rogue AI. Later articles will include technical guidance, case studies and more. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Rogue AI is…

Read more →

Since late 2022, Earth Baku has broadened its scope from the Indo-Pacific region to Europe, the Middle East, and Africa. Their latest operations demonstrate sophisticated techniques, such as exploiting public-facing applications like IIS servers for initial access and deploying the…

Read more →

This article by Trend Micro CEO Eva Chen brings focus back to striking the cybersecurity strategies balance between business C-suite and information technology (IT) departments. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Read more →

Explore how the Cybersecurity Compass can guide various security professionals’ and stakeholders’ decision-making before, during, and after a breach. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cybersecurity Compass: An Integrated Cyber…

Read more →

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

The second edition of AI Pulse is all about AI regulation: what’s coming, why it matters, and what might happen without it. We look at Brazil’s hard não to Meta, how communities are pushing back against AI training data use,…

Read more →

Trend Micro research uncovers new cybercrime tools posing increased threats to security, highlighting the rapid evolution of AI-powered hacking services and their potential for mass exploitation This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

It’s clear that generative AI is a permanent addition to the enterprise IT toolbox. For CISOs, the pressure is on to roll out AI security policies and technologies that can mitigate very real and present risks. This article has been…

Read more →