Analyzing How TeamTNT Used Compromised Docker Hub Accounts

Cloud
Following our previous disclosure of compromised Docker Hub accounts delivering cryptocurrency miners, we analyze these accounts and discover more malicious actions that you need to be aware of.
By: Trend Micro Research, December 01, 2021
In early November, we disclosed that compromised Docker Hub accounts were being used for cryptocurrency mining and that these activities were tied to the TeamTNT threat actor….

Enterprise Strategy Group Verifies Valuation of XDR Solutions

Why XDR
It’s been established that EDR doesn’t do enough to detect threats—it is, after all, only on the endpoint, and over 90% of threats enter the enterprise through email and other avenues. And while many respondents considered SIEM their most valuable tool for threat detection and response, they also faced many challenges with it. Namely, 57% said they had operation and resource issues, 58% noted there was room for improvement with upfront correlation…

What You Can Do to Mitigate Cloud Misconfigurations

Our data also showed a high frequency of Amazon Simple Storage Service (S3) rule violations. Still, it is necessary to examine the data further before fearing for the worst. For one, not all Amazon S3 buckets are supposed to be encrypted. In some instances, encryption is not needed. These are cases where the data needs to be served in clear text such as for public sites or data that needs to be openly accessed through…

Trend Micro Cloud One Network Security-as-a-Service

Simplifying network security in the cloud has been the primary objective of Trend Micro Cloud One – Network Security. At Trend Micro, we focus on making deployment as easy as possible for our customers. We help customers avoid re-architecture, and we don’t interfere with network traffic, so we’ve enabled customers to achieve broad and deep network layer security across entire VPCs within minutes. Trend Micro, alongside Amazon Web Services (AWS), has worked to provide the…

AWS re:Invent 2021 Guide: Checklist & Key Sessions

Cyber Threats
Welcome to your complete guide to AWS re:Invent 2021, where you will find tips on how to get the most out of your conference experience both in Las Vegas and virtually.
By: Aaron Ansari, November 29, 2021
AWS re:Invent is back in person for 2021 – providing the opportunity for viewing of their world-class content in the flesh. If you decide…

This Week in Security News – November 19, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how the QAKBOT Loader malware has evolved its techniques and strategies over time. Also, read about the most recent initiative by the legislation to further cybersecurity protection.
Read on:
QAKBOT Loader Returns with New Techniques and Tools
QAKBOT is a prevalent information-stealing malware that was first…

Digital Transformation Post-Pandemic Stats & Research

IT and business leaders have rarely seen eye-to-eye on cybersecurity, but today the friction seems more pronounced than ever. New Trend Micro research found that over 90% of IT decision-makers believe their organization would be willing to compromise on cybersecurity in favor of other priorities like digital transformation, productivity or customer experience. The short-term benefits of such a strategy are not worth the long-term costs. To succeed in the post-pandemic era, organizations must reconcile this…

Groups Target Alibaba ECS Instances for Cryptojacking

Cloud
We looked at how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero.
By: David Fiser, Alfredo Oliveira, November 15, 2021
It’s been known that threat actors are actively exploiting misconfigured Linux-powered servers, regardless of whether they run on-premises or in the cloud. The compromised devices are mostly used for cryptojacking purposes with the dominance of mining…

This Week in Security News – November 12, 2021

This Week in Security News – November 19, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about the prolific cybermercenaries, Void Balaur, and their recent attacks. Also, read on the 80-country agreement to mobilize safeguards against cyberattacks.
Read on:
Void Balaur and the Rise of the Cybermercenary Industry
One of the most prolific cybermercenaries is Void Balaur, a Russian-speaking threat actor group that…

TeamTNT Upgrades Arsenal Refines Focus on Kubernetes and GPU Environments

Using a new batch of campaign samples, we take a look at its more recent cybercrime contributions and compare them with its previous deployments to demonstrate the group’s use of upgraded tools and payloads.
By: David Fiser, Alfredo Oliveira, November 11, 2021
In previous entries, we described how the hacking group TeamTNT targeted unsecured Redis instances, exposed Docker APIs, and vulnerable Kubernetes clusters in order to deploy cryptocurrency-mining payloads and credential…
