Protecting S3 from Malware: The Cold Hard Truth
Cloud object storage is a core component of any modern application, but most cloud file storage security is insufficient. Read More HERE…
Trend Micro Research : Cloud
What Exposed OPA Servers Can Tell You About Your Applications
This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applications’ overall security. Read More HERE…
Improve Threat Detection & Response with OCSF
New open source initiative helping organizations to detect and respond to cyber-attacks faster and easier Read More HERE…
Better Together: AWS and Trend Micro
This post relays the latest threat detection tool innovation of AWS – Amazon GuardDuty Malware Protection. This tool works closely with Trend Micro cloud solutions, providing another valuable layer of defense in our fight against a shared adversary. Read More HERE…
Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography
In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware distribution and cryptojacking. Read More HERE…
Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography Sr. Security Researcher Threat Researcher
In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware distribution and cryptojacking. Read More HERE…
Unpacking Cloud-Based Cryptocurrency Miners That Abuse GitHub Actions and Azure Virtual Machines
We investigate cloud-based cryptocurrency miners that leverage GitHub Actions and Azure virtual machines, including the cloud infrastructure and vulnerabilities that malicious actors exploit for easy monetary gain. Read More HERE…
Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware
We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being exfiltrated from the infected systems. However, we also found that some of the victims were infected with ransomware days after the data exfiltration. Read More HERE…