• 07 de mayo de 2024
    The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today. With LockBit’s strong malware capabilities and affiliate program, organizations should keep abreast of its machinations to effectively spot risks and defend against attacks.
  • 02 de mayo de 2024
    Container Advisor (cAdvisor) is an open-source monitoring tool for containers that is widely used in cloud services. It logs and monitors metrics like network input/output (I/O), disk I/O, and CPU usage. However, misconfigured deployments might inadvertently expose sensitive information, including environment variables such as Prometheus metrics. In this article, we share our findings of the risks we have uncovered and the vulnerable configurations users need to be aware of.
  • 26 de abril de 2024
    Nuestra vigilancia e investigación continuas del panorama de amenazas en 2023 mostraron patrones que sugieren que los ciberdelincuentes están aprendiendo a priorizar el contenido sobre el tamaño a medida que aprovechan la superficie de ataque en expansión.
  • 25 de abril de 2024
    Despite positioning themselves as penetration testers, 8Base ransomware threat actors profit off their victims that are significantly comprised of small businesses. In this feature, we investigate how the gang operates to gain insights on how organizations can protect systems better from compromises that could result in financial loss.  
  • 22 de abril de 2024
    In the latest installment of our ongoing series where we identify and investigate security flaws in Azure Machine Learning (AML), we explore how cybercriminals could manage to covertly gain persistence in AML workspaces.
  • 17 de abril de 2024
    Although a legitimate approach, sidecar containers can add even more complexity to Kubernetes (K8s) clusters, not only making it harder to manage but also to detect compromises. This article demonstrates that attackers can leverage the sidecar injection technique after compromising a K8s cluster to remain stealthy and avoid detection, and how to protect K8s clusters from this malicious activity.
  • 28 de marzo de 2024
    This article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handling
  • 27 de marzo de 2024
    We cover the key trends that defined the ransomware threat landscape in the second half of 2023. Data from RaaS and extortion groups’ leak sites, open-source intelligence (OSINT) research, and the Trend Micro telemetry shows that LockBit, BlackCat, and Clop continued to rank among the active RaaS and extortion groups with the highest victim counts during this period.
  • 08 de marzo de 2024
    This article focuses on the Apache APISIX API gateway and its security implications.