CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

Credit to Author: Peter Girnus| Date: Mon, 20 Nov 2023 00:00:00 +0000

We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.

Read more

Beware: Lumma Stealer Distributed via Discord CDN

Credit to Author: Carl Malipot| Date: Mon, 16 Oct 2023 00:00:00 +0000

This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware.

Read more

Exposing Infection Techniques Across Supply Chains and Codebases

Credit to Author: Aliakbar Zahravi| Date: Thu, 05 Oct 2023 00:00:00 +0000

This entry delves into threat actors’ intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.

Read more

Decoding Turla: Trend Micro’s MITRE Performance

Credit to Author: Shannon Murphy| Date: Thu, 21 Sep 2023 00:00:00 +0000

This year, the MITRE Engenuity ATT&CK evaluation tested cybersecurity vendors against simulated attack scenarios mimicking the adversary group “Turla.” Learn about Trend Micro’s 100% successful protection performance.

Read more

Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign

Credit to Author: Cedric Pernet| Date: Thu, 21 Sep 2023 00:00:00 +0000

This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud.

Read more

Attacks on 5G Infrastructure From Users’ Devices

Credit to Author: Salim S.I.| Date: Wed, 20 Sep 2023 00:00:00 +0000

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks.

Read more