CISA Releases Automotive Cybersecurity Guide
The guide helps Transportation System Sector partners understand the cyber-physical risks related to AVs and discusses mitigation strategies they can implement. Read More HERE…
TrendMicro
Secure Public Web Apps Running on Azure
Discover how to meet your end of the shared responsibility model with simplified security integrations for Azure. Read More HERE…
PurpleFox Adds New Backdoor That Uses WebSockets Threat Intelligence Analyst Director, MDR Operations Threat Intelligence Analyst
In September 2021, the Trend Micro Managed XDR (MDR) team looked into suspicious activity related to a PurpleFox operator. Our findings led us to investigate an updated PurpleFox arsenal, which included an added vulnerability (CVE-2021-1732) and optimized rootkit capabilities leveraged in their attacks. Read More HERE…
Secure Public Web Apps Running on Azure Product Manager Developer
Discover how to meet your end of the shared responsibility model with simplified security integrations for Azure. Read More HERE…
PurpleFox Adds New Backdoor That Uses WebSockets
In September 2021, the Trend Micro Managed XDR (MDR) team looked into suspicious activity related to a PurpleFox operator. Our findings led us to investigate an updated PurpleFox arsenal, which included an added vulnerability (CVE-2021-1732) and optimized rootkit capabilities leveraged in their attacks. Read More HERE…
Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One Vulnerability Researcher Threat Researcher
We look into campaigns that exploit the following server vulnerabilities: CVE-2021-26084, CVE-2020-14882, CVE-2020-14750, and CVE-2020-14883. Read More HERE…
Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One
We look into campaigns that exploit the following server vulnerabilities: CVE-2021-26084, CVE-2020-14882, CVE-2020-14750, and CVE-2020-14883. Read More HERE…
This Week in Security News – October 15, 2021
Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more. Read More HERE…
This Week in Security News – October 15, 2021 VP, Threat Intelligence
Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more. Read More HERE…
Ransomware Operators Found Using New “Franchise” Business Model Sr. Threat Researcher
We found a relatively new and interesting ransomware operation that takes inspiration from franchise business models. It seems that the operators are rebranding a “supplier” ransomware before deployment instead of simply distributing it under the original name. Read More HERE…