Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data.
Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what cloud security engineering teams had to say.
Our research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data.
Our blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware.
Trend Micro leads the way by mapping its Container Security detection capabilities to the MITRE ATT&CK framework for Containers and contributing real-world attack data.
This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that IT and SOC professionals need to know to stay protected against possible exploitation.
In this blog entry, Trend Micro’s Managed XDR team discuss their investigation into how the latest variant of NodeStealer is delivered through spear-phishing attacks, potentially leading to malware execution, data theft, and the exfiltration of sensitive information via Telegram.
APT group Earth Koshchei, suspected to be sponsored by the SVR, executed a large-scale rogue RDP campaign using spear-phishing emails, red team tools, and sophisticated anonymization techniques to target high-profile sectors.
In this blog entry, we discuss a social engineering attack that tricked the victim into installing a remote access tool, triggering DarkGate malware activities and an attempted C&C connection.