What is Red Teaming & How it Benefits Orgs
Credit to Author: Michael Draeger| Date: Tue, 10 Jan 2023 00:00:00 +0000
Running real-world attack simulations can help improve organizations’ cybersecurity resilience
Read More
Credit to Author: Jiri Sykora| Date: Wed, 21 Dec 2022 00:00:00 +0000
We look into some of the implementations that cybercriminals use to bypass the Windows Antimalware Scan Interface (AMSI) and how security teams can detect threats attempting to abuse it for compromise with Trend Micro Vision One™.
Read More
Credit to Author: Mickey Jin| Date: Wed, 21 Dec 2022 00:00:00 +0000
This blog entry discusses the technical details of how we exploited CVE-2022-22583 using a different method. We also tackle the technical details of CVE-2022-32800, another SIP-bypass that we discovered more recently, in this report.
Read More
Credit to Author: Jon Clay| Date: Fri, 16 Dec 2022 00:00:00 +0000
Trend Micro will be joining Google’s App Defense Alliance (ADA) to help improve their ability to identify malicious apps before they are published to the Google Play store.
Read More
Credit to Author: Mickey Jin| Date: Tue, 20 Dec 2022 00:00:00 +0000
More than two years ago, a researcher, A2nkF, demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to arbitrary kernel extension loading. In this blog entry, we will discuss how we discovered 3 more vulnerabilities from the old exploit chain.
Read More
Credit to Author: Feike Hacquebord| Date: Thu, 15 Dec 2022 00:00:00 +0000
Ransomware groups and their business models are expected to change from what we know to date. In this blog entry, we summarize some of our insights into the triggers that spark the small changes in the short term (“evolutions”) and the bigger deviations (“revolutions”) toward which they can redirect their criminal enterprises in the long run.
Read More
Credit to Author: Jaromir Horejsi| Date: Wed, 14 Dec 2022 00:00:00 +0000
This report examines the infection chain and the pieces of malware used by malicious actors in supply-chain attacks that leveraged trojanized installers of chat-based customer engagement platforms.
Read More
Credit to Author: Mickey Jin| Date: Fri, 11 Nov 2022 00:00:00 +0000
This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used to install software installer packages (PKG files).
Read More