Monday, November 21, 2022
Latest:

Trend Micro Research : Endpoints

TrendMicro 

Tracking Earth Aughisky’s Malware and Changes

TH Author , , , , , , , ,

For over 10 years, security researchers have been observing and keeping tabs of APT group Earth Aughisky’s malware families and the connections, including previously documented malware that have yet to be attributed. Read More HERE…

Read more
TrendMicro 

Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

TH Author , , , , , ,

Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining. Read More HERE…

Read more
TrendMicro 

A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities

TH Author , , ,

This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints. Read More HERE…

Read more
TrendMicro 

Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm

TH Author , , ,

In March 2021, we investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string embedded in the malware. However, in our recent investigations, we have discovered a controller application that expands its capabilities. Read More HERE…

Read more
TrendMicro 

Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report

TH Author , , , ,

This blog entry highlights the threats that dominated the first six months of the year, which we discussed in detail in our midyear cybersecurity roundup report, “Defending the Expanding Attack Surface.” Read More HERE…

Read more
TrendMicro 

Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus

TH Author , , , ,

We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware. Read More HERE…

Read more
TrendMicro 

Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users

TH Author , , , , , , ,

We found APT group Iron Tiger’s malware compromising chat application Mimi’s servers in a supply chain attack. Read More HERE…

Read more
TrendMicro 

CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies

TH Author , , , , ,

We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension. Read More HERE…

Read more
TrendMicro 

How Shady Code Commits Compromise the Security of the Open-Source Ecosystem

TH Author , , ,

In this blog entry, we discuss how open-source code has been subjected to protest-driven code modifications by its maintainers or backers. We also provide an analysis of what these incidents could mean for the IT industry and the open source community. Read More HERE…

Read more