Breaking Down Earth Estries’ Persistent TTPs in Prolonged Cyber Operations
Discover how Earth Estries employs a diverse set of tactics, techniques, and tools, including malware such as Zingdoor and Snappybee, for its campaigns. Read More HERE…
TrendMicro
SOC Around the Clock: World Tour Survey Findings
Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what SOC teams had to say. Read More HERE…
SOC Around the Clock: World Tour Survey Findings
Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what SOC teams had to say. Read More HERE…
AI Pulse: Election Deepfakes, Disasters, Scams & more
In the final weeks before November’s U.S. election, cybersecurity experts were calling October 2024 the “month of mischief”—a magnet for bad actors looking to disrupt the democratic process through AI-generated misinformation. This issue of AI Pulse looks at what can be done about deepfakes and other AI scams, and why defense-in-depth is the only way to go. Read More HERE…
Attacker Abuses Victim Resources to Reap Rewards from Titan Network
In this blog entry, we discuss how an attacker took advantage of the Atlassian Confluence vulnerability CVE-2023-22527 to connect servers to the Titan Network for cryptomining purposes. Read More HERE…
Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis
While cyberattacks that employ web shells and VPN compromise are not particularly novel, they are still prevalent. The recent incidents that Trend Micro MXDR analyzed
highlight the importance of behavioral analysis and anomaly detection in security measures. Read More HERE…
Unmasking Prometei: A Deep Dive Into Our MXDR Findings
How does Prometei insidiously operate in a compromised system? This Managed Extended Detection and Response investigation conducted with the help of Trend Vision One provides a comprehensive analysis of the inner workings of this botnet so users can stop the threat in its tracks before it inflicts damage to the system. Read More HERE…
Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach
In this blog entry, we discuss how malicious actors are exploiting Docker remote API servers via gRPC/h2c to deploy the cryptominer SRBMiner to facilitate their mining of XRP on Docker hosts. Read More HERE…
Attackers Target Exposed Docker Remote API Servers With perfctl Malware
We observed an unknown threat actor abusing exposed Docker remote API servers to deploy the perfctl malware. Read More HERE…
Gartner 2024 CNAPP Market Guide Insights for Leaders
As businesses increasingly pivot to cloud-native applications, the landscape of cybersecurity becomes ever more challenging. Read More HERE…