Research, News, and Perspectives

Social Media

How Underground Groups Use Stolen Identities and Deepfakes

The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email compromise (BEC) and identity verification bypassing to new levels.

Research Sep 27, 2022

Save to Folio

Research Sep 27, 2022

Save to Folio

Compliance & Risks

Protecting healthcare customers from the threat of unpatched medical devices

Medical devices play an increasingly important role in the healthcare sector. From MRI scanners to wearable technology like blood glucose monitors, many are essential to diagnosing, monitoring and treating disease. But while they can work to improve patient health, the opposite is arguably true of IT health.

Reports Sep 26, 2022

Save to Folio

Reports Sep 26, 2022

Save to Folio

Exploits & Vulnerabilities

Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining.

Sep 21, 2022

Save to Folio

Sep 21, 2022

Save to Folio

Security Risks in Logistics APIs Used by E-Commerce Platforms

Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially expose the consumers’ personal information. We discuss the security risks that such flaws present for software engineers, e-commerce platform providers, and consumers.

Research Sep 20, 2022

Save to Folio

Research Sep 20, 2022

Save to Folio

Ransomware

The Risk of Ransomware Supply Chain Attacks

Over the years, ransomware has become a major threat and it can put supply chains in deep trouble.

Research Sep 20, 2022

Save to Folio

Research Sep 20, 2022

Save to Folio

A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities

This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.

Research Sep 14, 2022

Save to Folio

Research Sep 14, 2022

Save to Folio

Cloud

Security Breaks: TeamTNT’s DockerHub Credentials Leak

One of our honeypots based on exposed Docker REST APIs showed cybercriminal group TeamTNT’s potential attack scenario and leak of container registry credentials for docker-abuse malware. The full version of this research will be presented at the c0c0n XV Hacking and Cyber Security Conference in September 2022.

Sep 12, 2022

Save to Folio

Sep 12, 2022

Save to Folio

Cloud

How Malicious Actors Abuse Native Linux Tools in Attacks

Through our honeypots and telemetry, we were able to observe instances in which malicious actors abused native Linux tools to launch attacks on Linux environments. In this blog entry, we discuss how these utilities were used and provide recommendations on how to minimize their impact.

Research Sep 08, 2022

Save to Folio

Research Sep 08, 2022

Save to Folio

Cloud

Enhancing Cloud Security by Reducing Container Images Through Distroless Techniques

We analyzed the Distroless technique for reducing the size of container images and explored its capabilities to address security concerns. We provide an alternative approach to Distroless that reduces the attack surface for malicious actors targeting cloud-native applications while optimizing cloud resources.

Research Sep 07, 2022

Save to Folio

Research Sep 07, 2022

Save to Folio

Ransomware

How complex supply chains could be exposing your organisation to ransomware risk

Global ransomware losses are now measured in the billions of dollars. That’s bad news for everyone except for the threat actors themselves, and the hostile states that shelter them. In fact, a fifth of organisations claim that historic cyber-attacks have brought them to the brink of bankruptcy.

Research Sep 06, 2022

Save to Folio

Research Sep 06, 2022

Save to Folio