Content added to Folio

Research, News, and Perspectives

Add Filters
Filter by:
Threats
Environments
Article Type
Medium
Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report
Cyber Threats

Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report

This blog entry highlights the threats that dominated the first six months of the year, which we discussed in detail in our midyear cybersecurity roundup report, “Defending the Expanding Attack Surface.”

August 31, 2022

Trending Topics

Ransomware

Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus

IoT

Forecasting Metaverse Threats: Will it Become Metaworse?

Cyber Threats

Cyberattacks are Prominent in the Russia-Ukraine Conflict

Cloud

Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

Cyber Threats

How Water Labbu Exploits Electron-Based Applications

In the second part of our Water Labbu blog series, we explore how the threat actor exploits Electron-based applications using Cobalt Strike to deploy backdoors.

Research Oct 05, 2022

Save to Folio

Research Oct 05, 2022

Save to Folio

APT & Targeted Attacks

Tracking Earth Aughisky’s Malware and Changes

For over 10 years, security researchers have been observing and keeping tabs of APT group Earth Aughisky’s malware families and the connections, including previously documented malware that have yet to be attributed.

Oct 04, 2022

Save to Folio

Oct 04, 2022

Save to Folio

Cyber Crime

Water Labbu Abuses Malicious DApps to Steal Cryptocurrency

The parasitic Water Labbu capitalizes on the social engineering schemes of other scammers, injecting malicious JavaScript code into their malicious decentralized application websites to steal cryptocurrency.

Research Oct 03, 2022

Save to Folio

Research Oct 03, 2022

Save to Folio

Social Media

How Underground Groups Use Stolen Identities and Deepfakes

The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email compromise (BEC) and identity verification bypassing to new levels.

Research Sep 27, 2022

Save to Folio

Research Sep 27, 2022

Save to Folio

Security Risks in Logistics APIs Used by E-Commerce Platforms

Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially expose the consumers’ personal information. We discuss the security risks that such flaws present for software engineers, e-commerce platform providers, and consumers.

Research Sep 20, 2022

Save to Folio

Research Sep 20, 2022

Save to Folio

Ransomware

The Risk of Ransomware Supply Chain Attacks

Over the years, ransomware has become a major threat and it can put supply chains in deep trouble.

Research Sep 20, 2022

Save to Folio

Research Sep 20, 2022

Save to Folio

Exploits & Vulnerabilities

A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities

This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.

Research Sep 14, 2022

Save to Folio

Research Sep 14, 2022

Save to Folio

Cloud

Security Breaks: TeamTNT’s DockerHub Credentials Leak

One of our honeypots based on exposed Docker REST APIs showed cybercriminal group TeamTNT’s potential attack scenario and leak of container registry credentials for docker-abuse malware. The full version of this research will be presented at the c0c0n XV Hacking and Cyber Security Conference in September 2022.

Sep 12, 2022

Save to Folio

Sep 12, 2022

Save to Folio