Why Cyber Change Outpaces Boardroom Engagement
Organizations must avoid the mistakes of the past and build a security-by-design culture that permeates enterprise-wide. Read More HERE…
Trend Micro Research : Articles, News, Reports
The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It
Information on the latest Samba vulnerability and how to protect systems against the threats that can exploit it. Read More HERE…
This Week in Security News – January 28th, 2022
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read the third installment of Trend Micro’s Codex series. Also, read about the White House’s latest zero-trust approach to its cybersecurity strategy. Read More HERE…
Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems
In 2021, a team of researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from a security angle. The full findings of this research will be presented in the S4X22 Conference in April 2022. Read More HERE…
TianySpy Malware Uses Smishing Disguised as Message From Telco
Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The malware might have been designed to steal credentials associated with membership websites of major Japanese telecommunication services. Read More HERE…
Investigating APT36 or Earth Karkaddan’s Attack Chain and Malware Arsenal
We investigated the most recent activities of APT36, also known as Earth Karkaddan, a politically motivated advanced persistent threat (APT) group, and discuss its use of CapraRAT, an Android RAT with clear similarities in design to the group’s favored Windows malware, Crimson RAT. Read More HERE…
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit ransomware’s operators announced the release of its first Linux and ESXi variant in October. With samples also spotted in the wild, we discuss the impact and analysis of this variant. Read More HERE…
Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware
We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection. Read More HERE…
Codex Exposed: Task Automation and Response Consistency
Being able to automate tasks or programmatically execute them unsupervised is an essential part of both regular and malicious computer usage, so we wondered if a tool like Codex was reliable enough to be scripted and left to run unsupervised, generating the required code. Read More HERE…