3 Remote Work Security Tips for CISOs
How can CISOs manage remote work security? Explore 3 tips to secure networks, endpoints, and users. Read More HERE…
TrendMicro
What is Cloud Native?
You’ve most likely heard the term “cloud native,” but what does it really mean? This article explores the five requirements of a true cloud native application. Read More HERE…
How to detect Apache Log4j vulnerabilities
Explore how to detect Apache Log4j (Log4Shell) vulnerabilities using cloud-native security tools. Read More HERE…
Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems
In 2021, a team of researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from a security angle. The full findings of this research will be presented in the S4X22 Conference in April 2022. Read More HERE…
TianySpy Malware Uses Smishing Disguised as Message From Telco
Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The malware might have been designed to steal credentials associated with membership websites of major Japanese telecommunication services. Read More HERE…
Investigating APT36 or Earth Karkaddan’s Attack Chain and Malware Arsenal
We investigated the most recent activities of APT36, also known as Earth Karkaddan, a politically motivated advanced persistent threat (APT) group, and discuss its use of CapraRAT, an Android RAT with clear similarities in design to the group’s favored Windows malware, Crimson RAT. Read More HERE…
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit ransomware’s operators announced the release of its first Linux and ESXi variant in October. With samples also spotted in the wild, we discuss the impact and analysis of this variant. Read More HERE…
Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware
We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection. Read More HERE…
Codex Exposed: Task Automation and Response Consistency
Being able to automate tasks or programmatically execute them unsupervised is an essential part of both regular and malicious computer usage, so we wondered if a tool like Codex was reliable enough to be scripted and left to run unsupervised, generating the required code. Read More HERE…
This Week in Security News – January 21, 2022
This week, read about various cybersecurity threats that affect industrial control and the Cybersecurity and Infrastructure Security Agency (CISA)’s latest cyberattack warnings. Read More HERE…