CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks

Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer using MSHTML. We promptly identified and reported this zero-day vulnerability to Microsoft, and it has been patched. Read More HERE…

Read more

Why You Need Network Detection & Response Now

Cybersecurity teams are well-equipped to handle threats to technology assets that they manage. But with unmanaged devices providing ideal spots for attackers to lurk unseen, network detection and response capabilities have become vitally important. Read More HERE…

Read more

Network detection & response: the SOC stress reliever

Cybersecurity teams are well-equipped to handle threats to technology assets that they manage. But with unmanaged devices providing ideal spots for attackers to lurk unseen, network detection and response capabilities have become vitally important. Read More HERE…

Read more

An In-Depth Look at Crypto-Crime in 2023 Part 1

Cybersecurity is a growing concern in today’s digital age, as more sensitive information is stored and transmitted online. With the rise of cryptocurrencies, there has also been a rise in crypto-crimes, which pose a significant threat to the security of both individuals and businesses. Read More HERE…

Read more

Turning Jenkins Into a Cryptomining Machine From an Attacker’s Perspective

In this blog entry, we will discuss how the Jenkins Script Console can be weaponized by attackers for cryptomining activity if not configured properly. Read More HERE…

Read more

AI Pulse: Siri Says Hi to OpenAI, Deepfake Olympics & more

AI Pulse is a new blog series from Trend Micro on the latest cybersecurity AI news. In this edition: Siri says hi to OpenAI, fraud hogs the AI cybercrime spotlight, and why the Paris Olympics could be a hotbed of deepfakery. Read More HERE…

Read more

Attackers in Profile: menuPass and ALPHV/BlackCat

To test the effectiveness of managed services like our Trend Micro managed detection and response offering, MITRE Engenuity™ combined the tools, techniques, and practices of two globally notorious bad actors: menuPass and ALPHV/BlackCat. This blog tells the story of why they were chosen and what makes them threats to be reckoned with. Read More HERE…

Read more

Not Just Another 100% Score: MITRE ENGENIUTY ATT&CK

The latest MITRE Engenuity ATT&CK Evaluations pitted leading managed detection and response (MDR) services against threats modeled on the menuPass and BlackCat/AlphV adversary groups. Trend Micro achieved 100% detection across all 15 major attack steps with an 86% actionable rate for those steps— balancing detections and business priorities including operational continuity and minimized disruption. Read More HERE…

Read more