Codex Exposed: Task Automation and Response Consistency

Credit to Author: Forward-Looking Threat Research Team| Date: Fri, 21 Jan 2022 00:00:00 +0000

Being able to automate tasks or programmatically execute them unsupervised is an essential part of both regular and malicious computer usage, so we wondered if a tool like Codex was reliable enough to be scripted and left to run unsupervised, generating the required code.

Read more

Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware

Credit to Author: Ian Kenefick| Date: Fri, 21 Jan 2022 00:00:00 +0000

We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection.

Read more

Defending Users’ NAS Devices From Evolving Threats

Credit to Author: Stephen Hilt| Date: Thu, 20 Jan 2022 00:00:00 +0000

In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices.

Read more

This Week in Security News – January 14, 2022

Credit to Author: Jon Clay| Date: Fri, 14 Jan 2022 00:00:00 +0000

This week, read about how crucial it is for security teams to adopt an integrated approach to threat detection, such as remote control, and Congress’s plan to update the Federal Information Security Management Act (FISMA) for the first time in eight years.

Read more

Codex Exposed: How Low Is Too Low When We Generate Code?

Credit to Author: Forward-Looking Threat Research Team| Date: Fri, 14 Jan 2022 00:00:00 +0000

In a series of blog posts, we explore different aspects of Codex and assess its capabilities with a focus on the security aspects that affect not only regular developers but also malicious users. This is the second part of the series.

Read more

Uncovering and Defending Systems Against Attacks With Layers of Remote Control

Credit to Author: Abraham Camba| Date: Mon, 10 Jan 2022 00:00:00 +0000

The Trend Micro™ Managed XDR team addressed a stealthy multilayered attack that progressed from an exploited endpoint vulnerability to the use of legitimate remote access tools including Remote Desktop Protocol (RDP) as its final means of intrusion.

Read more

This Week in Security News – January 7, 2022

Credit to Author: Jon Clay| Date: Fri, 07 Jan 2022 00:00:00 +0000

This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones.

Read more