Research, News, and Perspectives

Compliance & Risks

IoT and Zero Trust Are Incompatible? Just the Opposite

IoT is a big security headache for a lot of reasons. So how can these be part of a Zero Trust architecture?

Expert Perspective Sep 27, 2021

Save to Folio

Expert Perspective Sep 27, 2021

Save to Folio

Malware

Fake Installers Drop Malware and Open Doors for Opportunistic Attackers

We recently spotted fake installers of popular software being used to deliver bundles of malware onto victims’ devices. These installers are widely used lures that trick users into opening malicious documents or installing unwanted applications.

Research Sep 27, 2021

Save to Folio

Research Sep 27, 2021

Save to Folio

Cyber Threats

This Week in Security News - September 24, 1021

Water Basilik Uses New HCrypt Variant to Flood Victims With RAT Payloads & Biden Administration Issues Sanctions To Counter Ransomware

Expert Perspective Sep 24, 2021

Save to Folio

Expert Perspective Sep 24, 2021

Save to Folio

Examining the Cring Ransomware Techniques

In this entry, we look at the techniques typically employed by the Cring ransomware, as well as the most affected regions and industries.

Research Sep 24, 2021

Save to Folio

Research Sep 24, 2021

Save to Folio

Exploits & Vulnerabilities

CISA Reports Top Vulnerabilities From Remote Work

Trend Micro’s Next-Generation IPS protects organizations from threats as attackers now target remote work-related vulnerabilities.

Expert Perspective Sep 21, 2021

Save to Folio

Expert Perspective Sep 21, 2021

Save to Folio

Exploits & Vulnerabilities

Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage

Recently, we discovered that the cryptomining trojan z0Miner has been taking advantage of the Atlassian’s Confluence remote code execution (RCE) vulnerability assigned as CVE-2021-26084, which was disclosed by Atlassian in August.

Research Sep 21, 2021

Save to Folio

Research Sep 21, 2021

Save to Folio

Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads

In this blog entry we look into a fileless campaign that used a new HCrypt variant to distribute numerous remote access trojans (RATs) in victim systems. This new variant also uses an updated obfuscation mechanism which we detail.

Research Sep 20, 2021

Save to Folio

Research Sep 20, 2021

Save to Folio

This Week in Security News - September 17, 2021

2021 Midyear Cybersecurity Report and Apple emergency patches fix zero-click iMessage bug used to inject NSO spyware

Expert Perspective Sep 17, 2021

Save to Folio

Expert Perspective Sep 17, 2021

Save to Folio

Cyber Threats

Midyear 2021 Cybersecurity Landscape Review: Attacks From All Angles Abound

Here is a rundown of data related to the crucial security issues that enterprises faced during this period, as examined in our report, “Attacks From All Angles: 2021 Midyear Cybersecurity Report.”

Reports Sep 16, 2021

Save to Folio

Reports Sep 16, 2021

Save to Folio

Exploits & Vulnerabilities

Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus

Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple's BlastDoor security, and allow attackers access to a device without user interaction.

Research Sep 15, 2021

Save to Folio

Research Sep 15, 2021

Save to Folio