Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about Apple’s latest security patches that address three zero-day flaws. Also, learn about a new information stealer called ‘Panda Stealer’ that’s being delivered via spam emails and targeting cryptocurrency wallets.
In April, Trend Micro observed a new information stealer called ‘Panda Stealer’ being delivered via spam emails. Once installed, Panda Stealer can collect details like private keys and records of past transactions from its victim’s digital currency wallets, steal credentials from other applications such as NordVPN, Telegram, Discord, and Steam, and take screenshots of the infected computer. Based on Trend Micro's telemetry, the U.S., Australia, Japan and Germany were amongst the most affected countries.
Apple released security updates for iOS, macOS, and watchOS to address three zero-day flaws and expand patches for a fourth vulnerability that the company said might have been exploited in the wild. The weaknesses all concern WebKit, the browser engine that powers Safari and third-party web browsers on iOS, and allow an adversary to execute arbitrary code on target devices.
The emergence of several zero-day exploits relating to ProxyLogon, a Microsoft Exchange Server vulnerability that was discovered in late 2020, has allowed several threat actors to carry out attacks against unpatched systems. Trend Micro’s telemetry showed three malware families taking advantage of the ProxyLogon vulnerability: the coinminer LemonDuck, the ransomware BlackKingdom, and the Prometei botnet.
Data loss prevention (DLP) has become even more important in the last year. Since the pandemic has made companies shift to a remote workforce model, cybersecurity threats have become increasingly complex and data security even more fragile. Companies need to adapt their DLP strategies to the new normal and harden their defence. In this article, Greg Young, VP of Cybersecurity at Trend Micro, shares his recommendation for selecting a DLP solution.
Scammers took advantage of the surge in online activity during the pandemic, targeting businesses and buyers that were settling into new ways of transacting. The evolution of these crimes can be classified into four categories: online shopping, food delivery apps, messaging apps and government assistance. In this blog, learn about the new scams, recommendations to avoid becoming a victim, and predictions on whether these new forms of crime will stay active post-pandemic.
Trend Micro released its TXOne StellarProtect, an all-terrain endpoint protection defensive solution, custom-engineered for operational technology (OT) environments. The OT-native endpoint security solution is provided as part of its total security solution for smart factories and is developed by TXOne Networks, a company formed by a joint venture of Trend Micro and Moxa.
The complexity of containers demands something to make sense of it all. Builders, operations teams and security teams need a single language to understand the risk associated with containers. The MITRE ATT&CK Framework continues to evolve by adding known attack profiles and new attack techniques. Trend Micro’s research team collaborated with MITRE to provide evidence of real-world attacks that supported seven MITRE Techniques.
Extended detection and response (XDR) has emerged as the most effective technology for enterprises to discover and hunt down cyberthreats within IT environments and across various business tools. "XDR collects more telemetry to see stealthy attacks, using machine learning to join together individual events to form high confidence decisions and selective blocking options," said Greg Young, VP of cybersecurity at Trend Micro.
Due to OpenBullet’s popularity, a whole market for trading configuration scripts has formed in the underground with cybercriminals exploiting OpenBullet to brute-force their way into targeted accounts. This blog explores how threat actors compromise the supply chain of OpenBullet configuration scripts and recommends ways for users to remain protected from credential stuffing attacks that lead to account takeovers.
The Department of Homeland Security’s cybersecurity agency used a new subpoena power last week to contact at least one U.S. internet service provider with customers whose software is vulnerable to hacking. It’s an authority that the DHS’s Cybersecurity and Infrastructure Security Agency has long sought, as agency officials struggled to communicate with some technology firms before flaws in their equipment became public and risked exploitation by state-linked or criminal hackers.
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. In this blog, read about how Trend Micro protects customers from vulnerability exploits by blocking them as early as possible.
Do you think the new pandemic-fuelled cyberfraud will continue post-pandemic? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.