An In-Depth Look at ICS Vulnerabilities Part 3
In our series wrap-up, we look into CVEs that affect critical manufacturing based on MITRE’s matrix. We also explore common ICS-affecting vulnerabilities identified in 2021.
Computer Security Articles
RSS Reader for Computer Security Articles
trend micro research : research
Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
Credit to Author: Earle Maui Earnshaw| Date: Tue, 05 Apr 2022 00:00:00 +0000
Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of and our investigation into a campaign that uses both to deliver the LockBit ransomware.
Read MoreMacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639
Credit to Author: Mickey Jin| Date: Mon, 04 Apr 2022 00:00:00 +0000
We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to gain root privilege escalation.
Read MoreAn In-Depth Look at ICS Vulnerabilities Part 2
In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the sectors affected and their risk levels.
An In-Depth Look at ICS Vulnerabilities Part 1
In this blog series our team examined various ICS vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS.
Why Organizations Should Take Cloud-Based Cryptocurrency-Mining Attacks Seriously
Credit to Author: Mayra Rosario Fuentes| Date: Tue, 29 Mar 2022 00:00:00 +0000
One of the recent trends we’ve observed is the rise of cloud-based cryptocurrency-mining groups that exploit cloud resources, specifically the CPU power of deployed cloud instances, to mine cryptocurrency.
Read MorePurple Fox Uses New Arrival Vector and Improves Malware Arsenal
Credit to Author: Sherif Magdy| Date: Fri, 25 Mar 2022 00:00:00 +0000
Purple Fox is an old threat that has been making waves since 2018. This most recent investigation covers Purple Fox’s new arrival vector and early access loaders. Users’ machines seem to be targeted with malicious payloads masquerading as legitimate application installers.
Read MoreAn Investigation of Cryptocurrency Scams and Schemes
Credit to Author: Cifer Fang| Date: Thu, 24 Mar 2022 00:00:00 +0000
We provide an overview of the diverse range of NFT- and cryptocurrency-related scams that malicious actors use to steal assets worldwide.
Read More