Better Together: AWS and Trend Micro

There’s a very good reason why AWS remains a leader in cloud computing. While many providers describe themselves as “customer obsessed,” few come close to our long-time partner in the lengths it goes to earn and retain the trust of its customers. AWS starts with the customer and works backwards. That means the vast majority of its feature enhancements and new services are directly driven from their input. The latest is Amazon GuardDuty Malware Protection….

Examples of Cyber Warfare #TrendTalksBizSec

Jon Clay, VP of Threat Intelligence: [00:00:00] Hey welcome everybody. Jon Clay, VP of Threat Intelligence here at Trend Micro and welcome to another episode of #TrendTalksBizSec. Joining me again is my cohort in crime.

Ed Cabrera, Chief Cybersecurity Officer: My name’s Ed Cabrera. I’m the Chief Cybersecurity Officer at Trend Micro. It’s great to be here.

Jon: You know, interesting Ed, I recently was able to travel to Switzerland, to Davos for the World…

Celebrating 15 Years of Pwn2Own

Exploits & Vulnerabilities
Join Erin Sindelar, Mike Gibson, Brian Gorenc, and Dustin Childs as they discuss Pwn2Own’s 15th anniversary, what we’ve learned, and how the program will continue to serve the cybersecurity community in the future.
By: Trend Micro, May 25, 2022

AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell

Conclusion

While AvosLocker has been documented for its abuse of AnyDesk for lateral movement as its preferred application, we note that other remote access applications can also be abused to replace it. We think the same can be said for the software deployment tool, wherein the malicious actors can subsequently decide to replace and abuse it with other commercially available ones. In addition, aside from its availability, the decision to choose the specific rootkit driver…

New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware

We dubbed these downloaders PuppetDownloaders since they are connected to the PuppetLoader malware family, as evidenced by our observations:
- This malware and PuppetLoader both use the same string decryption routine that uses the same key.
- This malware and PuppetLoader both use the same XOR key (2726c6aea9970bb95211304705b5f595) that is used to decrypt the embedded Loader.dll file.
- This malware and PuppetLoader’s decrypted Loader.dlls share similar strings such as “[-] UnExist pwszModuleFunName:”.

This suggests that a common framework…

Critically Underrated: Studying the Data Distribution Service (DDS) Protocol

By Federico Maggi, Rainer Vosseler (Trend Micro Research), Mars Cheng, Patrick Kuo, Chizuru Toyama, Ta-Lun Yen (TXOne Networks), Erik Boasson (ADLINK), and Victor Mayoral Vilches (Alias Robotics)

Despite being unknown even to industry practitioners, the Data Distribution Service (DDS) protocol has been in use for more than a decade. This middleware software technology is responsible for running billions of public and private devices and mechanisms currently in use. DDS is integral in embedded systems that…

MITRE Engenuity ATT&CK Tests

By developing a common language that gives analysts a standard for describing attacks, MITRE ATT&CK has become a critical knowledge base for cyber defenders, ultimately improving security efficiency and response time. The annual MITRE Evaluation compares industry-wide innovation to deliver the solutions necessary to detect and respond to the evolving threat landscape. The evaluation offers cybersecurity solution buyers and customers an unbiased option to evaluate security products to arm themselves against the latest advances from attackers…

Cyclops Blink Sets Sights on Asus Routers

Conclusion and security recommendations

Over the past few years, IoT attacks have been escalating globally and internet routers have been one of the primary targets. There are several reasons that these devices are favored by an attacker: the infrequency of patching, the lack of security software, and the limited visibility of defenders. Combined, these allow for the possibility of what we refer to as “eternal botnets.” Once an IoT device is infected with malware,…

Will Russian Oil Ban Spur Increased Cyber-Attacks

On March 8, President Biden signed an Executive Order to ban the sale of Russian oil, liquefied natural gas and coal to the United States. With bipartisan support, the decision was made to deprive the Putin regime of the economic resources needed to wage war in Ukraine. However, marking as it does an escalation in punitive actions directed at the Russian state, it may also put US companies more directly in the firing line of…

Global Cyberattacks: How to Manage Risk in Times of Chaos

Cyber Threats
As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices are presented to manage your cyber risk.
By: Trend Micro, February 24, 2022

While it seems almost cliché now, we are living in unprecedented times. The global pandemic has forced organizations everywhere to deal not only with health and supply-chain challenges, but…
