Attack Surface Management 2022 Midyear Review Part 3

With the rise of ransomware and other vulnerabilities, it has been an eventful year in cybersecurity. In part two, we discussed these issues at length, as well as their implications on a global scale for businesses large and small. In the last and final part of the series, we talk about how malicious actors take advantage of cloud tunnelling and how misconfiguration remains a headache for most organizations. Malicious Actors Abuse Cloud Tunneling…

Attack Surface Management 2022 Midyear Review Part 2

The number of vulnerabilities published by CVE increased in the first half of 2022, with 12,380 records compared to 9,420 during the same period last year. Trend Micro ZDI saw the same trend: 770 advisories were issued between January 1 and June 30, 2021, compared with 944 security alerts published through the program in the first half of 2022. Vulnerabilities with a high-severity rating made up the…

Threat Actors Target AWS EC2 Workloads to Steal Credentials

Cloud | By: Nitesh Surana | October 26, 2022

We found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) workloads’ access keys and tokens via typosquatting and the abuse of legitimate tools. Recently, we came across an exploitation attempt leveraging the monitoring and visualization tool Weave Scope to enumerate the Amazon Web Services (AWS) instance metadata service (IMDS) from Elastic Compute Cloud (EC2)…

Attack Surface Management 2022 Midyear Review Part 1

Privacy & Risks | By: Trend Micro | October 20, 2022

In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. The digital age is an exciting time for businesses as it offers the opportunity to be more efficient and effective with how things are done. Many companies have taken…

Security Breaks: TeamTNT’s DockerHub Credentials Leak

We constantly deploy and study our honeypots to get a view of actively exploited vulnerabilities and misconfigurations on platforms and services that pose cloud security risks. One of these honeypots is based on an exposed Docker REST API, analyzed from the perspectives of both cloud service providers and users. Upon analyzing the samples, we were able to understand the threat actors’ use of container registry features for Docker malware and their tactics, techniques, and procedures (TTPs). Our…

Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

Cloud | By: David Fiser, Alfredo Oliveira | August 17, 2022

While DevOps practitioners regularly use environment variables to keep secrets in applications, these can be conveniently abused by cybercriminals for their malicious activities, as our analysis shows. The use of environment variables is a common practice in the DevOps community, as it provides easy access to configuration properties. It comes in handy…

Oil and Gas Cybersecurity: Recommendations Part 3

Cyber Threats | By: Trend Micro | August 15, 2022

In the final part of our series, we look at the APT33 case study and several recommendations from our expert team. The oil and gas industry continues to be a prime target for threat actors who want to disrupt operations and wreak havoc. In part two, we discussed various threats that can affect an oil…

Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users

We confirmed that both the legitimate and the malicious versions of the chat installer were unsigned, which means the users of MiMi chat were probably used to all these extra steps to finally install the application despite all the macOS watchguards.

HyperBro

The HyperBro malware family has been around since 2017 and has been extensively analyzed. It was updated in mid-2019, which we described in detail in our Operation DRBControl paper. The version used in…

CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies

Malware | By: Jaromir Horejsi, Joseph C Chen | August 11, 2022

We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension. We previously published analyses of CopperStealer distributing malware by abusing various components such as a browser stealer, an adware browser extension, or remote desktop. Tracking the cybercriminal group’s latest…

Oil and Gas Cybersecurity: Threats Part 2

Cyber Threats | By: Trend Micro | August 11, 2022

In part two of our oil and gas series, we look at more threats that can expose the industry to cyberattacks. The Russia-Ukraine war has posed threats to the oil and gas industry; our team uncovered several alleged attacks perpetrated by various groups during research in March 2022. In part one, we showed how a…
