Research, News, and Perspectives

Cyber Threats

This Week in Security News - September 24, 1021

Water Basilik Uses New HCrypt Variant to Flood Victims With RAT Payloads & Biden Administration Issues Sanctions To Counter Ransomware

Expert Perspective Sep 24, 2021

Examining the Cring Ransomware Techniques

In this entry, we look at the techniques typically employed by the Cring ransomware, as well as the most affected regions and industries.

Research Sep 24, 2021

Exploits & Vulnerabilities

CISA Reports Top Vulnerabilities From Remote Work

Trend Micro’s Next-Generation IPS protects organisations from threats as attackers now target remote work-related vulnerabilities.

Expert Perspective Sep 21, 2021

Exploits & Vulnerabilities

Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage

Recently, we discovered that the cryptomining trojan z0Miner has been taking advantage of the Atlassian’s Confluence remote code execution (RCE) vulnerability assigned as CVE-2021-26084, which was disclosed by Atlassian in August.

Research Sep 21, 2021

Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads

In this blog entry we look into a fileless campaign that used a new HCrypt variant to distribute numerous remote access trojans (RATs) in victim systems. This new variant also uses an updated obfuscation mechanism which we detail.

Research Sep 20, 2021

This Week in Security News - September 17, 2021

2021 Midyear Cybersecurity Report and Apple emergency patches fix zero-click iMessage bug used to inject NSO spyware

Expert Perspective Sep 17, 2021

Cyber Threats

Midyear 2021 Cybersecurity Landscape Review: Attacks From All Angles Abound

Here is a rundown of data related to the crucial security issues that enterprises faced during this period, as examined in our report, “Attacks From All Angles: 2021 Midyear Cybersecurity Report.”

Reports Sep 16, 2021

Exploits & Vulnerabilities

Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus

Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple's BlastDoor security, and allow attackers access to a device without user interaction.

Research Sep 15, 2021

APT & Targeted Attacks

1H’2021 Security Review Shows Active Cloud Attacks

Trend Micro’s midyear report highlights the growing importance of cloud security as attacks increase in frequency and complexity.

Expert Perspective Sep 14, 2021

September Patch Tuesday: 66 Bulletins, Only 3 Critical

The September 2021 Patch Tuesday cycle is relatively good news for system administrators with only 66 total bulletins. Perhaps more significantly, only three of these were Critical bulletins.

Research, News, and Perspectives

Trending Topics