trend micro research : articles, news, reports – Page 2

Earth Freybug Uses UNAPIMON for Unhooking Critical APIs

Credit to Author: Christopher So| Date: Tue, 02 Apr 2024 00:00:00 +0000

This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we’ve discovered and dubbed UNAPIMON.

Security TrendMicro

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script

April 15, 2024 admin trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : ransomware, trend micro research : research

Credit to Author: Arianne Dela Cruz| Date: Tue, 26 Mar 2024 00:00:00 +0000

This blog entry discusses the Agenda ransomware group’s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers.

Security TrendMicro

TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types

March 19, 2024 admin trend micro research : articles, news, reports, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : exploits & vulnerabilities, trend micro research : malware, trend micro research : ransomware, trend micro research : research

Credit to Author: Junestherry Dela Cruz| Date: Tue, 19 Mar 2024 00:00:00 +0000

CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.

Security TrendMicro

NIST Launches Cybersecurity Framework (CSF) 2.0

March 19, 2024 admin trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : compliance & risks, trend micro research : expert perspective

Credit to Author: Shannon Murphy| Date: Wed, 20 Mar 2024 00:00:00 +0000

On February 26, 2024, the National Institute of Standards and Technology (NIST) released the official 2.0 version of the Cyber Security Framework (CSF).

Security TrendMicro

Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk

March 18, 2024 admin trend micro research : articles, news, reports, trend micro research : exploits & vulnerabilities, trend micro research : research

Credit to Author: Arun Shaji| Date: Tue, 19 Mar 2024 00:00:00 +0000

Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897.

Security TrendMicro

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks

March 18, 2024 admin trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : research

Credit to Author: Joseph C Chen| Date: Mon, 18 Mar 2024 00:00:00 +0000

Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa.

Security TrendMicro

A Necessary Digital Odyssey of RPA and AI/ML at HUD

March 12, 2024 admin trend micro research : articles, news, reports, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : data center, trend micro research : expert perspective, trend micro research : iot, trend micro research : network, trend micro research : privacy & risks

Credit to Author: David Chow| Date: Wed, 13 Mar 2024 00:00:00 +0000

Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations.

Security TrendMicro

Unveiling Earth Kapre aka RedCurl’s Cyberespionage Tactics With Trend Micro MDR, Threat Intelligence

March 6, 2024 admin trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : research

Credit to Author: Buddy Tancio| Date: Wed, 06 Mar 2024 00:00:00 +0000

This blog entry will examine Trend Micro MDR team’s investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged threat intelligence to attribute the extracted evidence to the cyberespionage threat group.