Trend Micro Research : Exploits&Vulnerabilities Archives

Azure Serverless Security Risks Exposed by New Study

March 29, 2023 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Research

Simulation uncovers hidden features and urges greater user awareness Read More HERE…

TrendMicro

Making the digital world safer, one Tesla at a time

March 27, 2023 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Connected Car, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : IoT, Trend Micro Research : Latest News, Trend Micro Research : Ransomware

Contestants gather at Pwn2Own Vancouver to showcase their skills and uncover vulnerabilities Read More HERE…

TrendMicro

Earth Preta’s Cyberespionage Campaign Hits Over 200

March 27, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Deep Web, Trend Micro Research : Endpoints, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Mobile, Trend Micro Research : Network, Trend Micro Research : Privacy&Risks

We present a case study of the cyberespionage efforts by Earth Preta. This study on an active campaign delves into the structure, goals, and requirements of the organizations involved, and provides an opportunity to conduct wider intelligence analysis and insights in the development of effective countermeasures. Read More HERE…

TrendMicro

Patch CVE-2023-23397 Immediately: What You Need To Know and Do

March 21, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Data center, Trend Micro Research : Endpoints, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Network

We break down the basic information of CVE-2023-23397, the zero-day, zero-touch vulnerability that was rated 9.8 on the Common Vulnerability Scoring System (CVSS) scale. Read More HERE…

TrendMicro

Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting

March 1, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Network

We detail the update that advanced persistent threat (APT) group Iron Tiger made on the custom malware family SysUpdate. In this version, we also found components that enable the malware to compromise Linux systems. Read More HERE…

TrendMicro

Invitation to a Secret Event: Uncovering Earth Yako’s Campaigns

February 16, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Network

We detail the intrusion set Earth Yako, attributed to the campaign Operation RestyLink or EneLink. This analysis was presented in full at the JSAC 2023 in January 2023. Read More HERE…

TrendMicro

Research Exposes Azure Serverless Security Blind Spots

February 2, 2023 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Research

Simulation uncovers hidden features and urges greater user awareness Read More HERE…

TrendMicro

Attacking The Supply Chain: Developer

January 25, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Compliance&Risks, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Mobile

In this proof of concept, we look into one of several attack vectors that can be abused to attack the supply chain: targeting the developer. With a focus on the local integrated developer environment (IDE), this proof considers the execution of malicious build scripts via injecting commands when the project or build is incorrectly “trusted”. Read More HERE…

TrendMicro

What is Red Teaming & How it Benefits Orgs

January 10, 2023 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Compliance&Risks, Trend Micro Research : Expert Perspective, Trend Micro Research : Exploits&Vulnerabilities

Running real-world attack simulations can help improve organizations’ cybersecurity resilience Read More HERE…

TrendMicro

A Technical Analysis of CVE-2022-22583 and CVE-2022-32800

December 21, 2022 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Research

This blog entry discusses the technical details of how we exploited CVE-2022-22583 using a different method. We also tackle the technical details of CVE-2022-32800, another SIP-bypass that we discovered more recently, in this report. Read More HERE…

← Previous