articles

S4x23 Review Part 4: Cybersecurity for Industrial IoT

Posted on by Admin
S4x23 Review Part 4: Cybersecurity for Industrial IoT

Bellotti said first that we should start with the realization that legacy technologies are successful technologies. Legacy technologies remain because they are usable and important. They are the foundation for other systems therefore it has a significant impact when they are changed. But people believe in some myths of modernization. First, the technology is regarded as old. It doesn’t matter if the technology is new or old. For example, Python is older than Java, and…

Read More

Information on Attacks Involving 3CX Desktop App

Posted on by Admin
Information on Attacks Involving 3CX Desktop App

Note: This is a developing story and will be updated as needed. In late March 2023, security researchers revealed that threat actors abused a popular business communication software from 3CX — in particular, the reports mention that a version of the 3CX VoIP (Voice over Internet Protocol) desktop client was being employed to target 3CX’s customers as part of an attack. On its forums, 3CX has posted an update that recommends uninstalling the desktop app…

Read More

Mac Malware MacStealer Spreads as Fake P2E Apps

Posted on by Admin
Mac Malware MacStealer Spreads as Fake P2E Apps

Conclusion While not new, P2E games are enjoying a renewed interest and rise in popularity, and so will the efforts of threat actors aiming to take advantage of this growing trend. MacStealer malware is just one of many to take advantage of P2Es’ traction. P2E gamers, in particular, are lucrative targets because the economic model of these games requires them to adopt cryptocurrencies and wallets. Security researchers can find investigating the delivery of the malware…

Read More

Fight Mercenaries with these Cybersecurity Principles

Posted on by Admin
Fight Mercenaries with these Cybersecurity Principles

On March 27, 2023, the Cybersecurity Tech Accord (CTA) released a new set of principles to help guide the technology industry and others in dealing with the growing market of cyber mercenaries. Trend Micro was a co-author of these principles, bringing our expertise and research of cyber mercenaries to help craft these principles for the industry. Trend Micro is one of the founding members of the CTA, and we worked with other members, Cisco, META,…

Read More

ICS/OT Cybersecurity 2022 TXOne Annual Report Insights

Posted on by Admin
ICS/OT Cybersecurity 2022 TXOne Annual Report Insights

ICS/OT Cybersecurity 2022 TXOne Annual Report Insights Cyber Threats This article gives an in-depth overview of TXOne’s insight report on ICS/OT cyber incidents. By: Trend Micro March 29, 2023 Read time:  ( words) TXOne Networks, Trend Micro’s dedicated OT security subsidiary, has released its annual ICS/OT security report. This report consists of three studies: insights from ICS/OT cyber incidents, an analysis of the ICS/OT security market, and an online survey of asset owners. This blog…

Read More

New OpcJacker Malware Distributed via Fake VPN Malvertising

Posted on by Admin
New OpcJacker Malware Distributed via Fake VPN Malvertising

New OpcJacker Malware Distributed via Fake VPN Malvertising Malware We discovered a new malware, which we named “OpcJacker” (due to its opcode configuration design and its cryptocurrency hijacking ability), that has been distributed in the wild since the second half of 2022. By: Jaromir Horejsi, Joseph C Chen March 29, 2023 Read time:  ( words) We discovered a new malware, which we named “OpcJacker” (due to its opcode configuration design and its cryptocurrency hijacking ability),…

Read More

Azure Serverless Security Risks Exposed by New Study

Posted on by Admin
Azure Serverless Security Risks Exposed by New Study

Serverless architectures are increasingly popular, as the cloud provider does most of the heavy lifting, allowing developers to focus on building and running their apps. But this popularity has attracted the scrutiny of threat actors. Although serverless environments have a relatively reduced attack surface, with certain responsibilities shifted to the cloud provider (CSP), users must be careful not to introduce extra risk. This could happen if they write insecure code, misconfigure assets or fail to…

Read More

Earth Preta’s Cyberespionage Campaign Hits Over 200

Posted on by Admin
Earth Preta’s Cyberespionage Campaign Hits Over 200

This mix of traditional intelligence trade craft and cyber techniques could mean that these groups have access to advanced resources and support from nation states, since such techniques are not typically available to independent hackers. Moreover, this approach could signify the growing convergence of cyber- and physical security as cyberattacks continue to move beyond digital systems and into the physical world. Operation groups While this is not a comprehensive list, we summarize and attribute the…

Read More

Earth Preta Updated Stealthy Strategies

Posted on by Admin
Earth Preta Updated Stealthy Strategies

We categorize the different TTPs into six stages: arrival vectors, discovery, privilege escalation, lateral movement, command and control (C&C) and exfiltration, respectively. In our previous research, we covered most of the new TTPs and malware during the first stage, arrival vectors. However, we observed that some of TTPs have been changed. In the following sections, we focus on the updated arrival vectors and their succeeding stages. We previously summarized the arrival vectors used by Earth…

Read More

Patch CVE-2023-23397 Immediately: What You Need To Know and Do

Posted on by Admin
Patch CVE-2023-23397 Immediately: What You Need To Know and Do

How is CVE-2023-23397 exploited? The attacker sends a message to the victim with an extended Message Application Program Interface (MAPI) property with a Universal Naming Convention (UNC) path to a remote attacker-controlled Server Message Block (SMB, via TCP 445). Share-hosted on a server controlled by the attacker, the vulnerability is exploited whether the recipient has seen the message or not. The attacker remotely sends a malicious calendar invite represented by .msg — the message format…

Read More
1 2 3 4 27