AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell
We found an AvosLocker ransomware variant using a legitimate anti-virus component to disable detection and blocking solutions. Read More HERE…
Trend Micro Research : Exploits&Vulnerabilities
AvosLocker Ransomware Variant Abuses Driver File to Disable Antivirus, Scans for Log4shell
We found an AvosLocker ransomware variant using a legitimate antivirus component to disable detection and blocking solutions. Read More HERE…
How to better manage your digital attack surface risk
As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. And with the number of threats rapidly increasing, security leaders need to enhance their attack surface risk management. We explore how a unified cybersecurity platform can help improve your defenses against cyber risk in comparison to point products. Read More HERE…
New Partner Bit Discovery Helps TM with Attack Surface
We’re excited to partner with Bit Discovery, bringing attack surface discovery capabilities to the Trend Micro One platform, providing ongoing visibility to internal assets (devices, identities, applications) but also external, internet-facing assets. Read More HERE…
Trend Micro Partnering with Bit Discovery
We’re excited to partner with Bit Discovery, bringing attack surface discovery capabilities to the Trend Micro One platform, providing ongoing visibility to internal assets (devices, identities, applications) but also external, internet-facing assets. Read More HERE…
Spring4Shell Vulnerability CVE-2022-22965 Exploited to Deploy Cryptocurrency Miners
Recently, we observed the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — being actively exploited by malicious actors to deploy cryptocurrency miners. Read More HERE…
Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners
Recently, we observed attempts to exploit the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — by malicious actors to deploy cryptocurrency miners. Read More HERE…
Critically Underrated: Studying the Data Distribution Service (DDS) Protocol
Researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from a security angle. The full findings of this research will be presented in the S4X22 Conference in April 2022. Read More HERE…
CVE-2022-22965: Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware
We discovered active exploitation of a vulnerability in the Spring Framework designated as CVE-2022-22965 that allows malicious actors to download the Mirai botnet malware. Read More HERE…
An In-Depth Look at ICS Vulnerabilities Part 3
In our series wrap-up, we look into CVEs that affect critical manufacturing based on MITRE’s matrix. We also explore common ICS-affecting vulnerabilities identified in 2021. Read More HERE…