Research, News, and Perspectives

Cybermenaces

Unmasking Prometei: A Deep Dive Into Our MXDR Findings

How does Prometei insidiously operate in a compromised system? This Managed Extended Detection and Response investigation conducted with the help of Trend Vision One provides a comprehensive analysis of the inner workings of this botnet so users can stop the threat in its tracks before it inflicts damage to the system.

Research Oct 23, 2024

Save to Folio

Research Oct 23, 2024

Save to Folio

Cybermenaces

Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach

In this blog entry, we discuss how malicious actors are exploiting Docker remote API servers via gRPC/h2c to deploy the cryptominer SRBMiner to facilitate their mining of XRP on Docker hosts.

Latest News Oct 22, 2024

Save to Folio

Latest News Oct 22, 2024

Save to Folio

Programmes malveillants

Attackers Target Exposed Docker Remote API Servers With perfctl Malware

We observed an unknown threat actor abusing exposed Docker remote API servers to deploy the perfctl malware.

Research Oct 21, 2024

Save to Folio

Research Oct 21, 2024

Save to Folio

Cloud

Gartner 2024 CNAPP Market Guide Insights for Leaders

As businesses increasingly pivot to cloud-native applications, the landscape of cybersecurity becomes ever more challenging.

Reports Oct 18, 2024

Save to Folio

Reports Oct 18, 2024

Save to Folio

Artificial Intelligence (AI)

5 AI Security Takeaways featuring Forrester

Highlights from the recent discussion between Trend Micro’s David Roth, CRO Enterprise America, and guest speaker Jeff Pollard, VP, Principal Analyst, Forrester about AI hype versus reality and how to secure AI in the workplace.

Security Strategies Oct 17, 2024

Save to Folio

Security Strategies Oct 17, 2024

Save to Folio

Artificial Intelligence (AI)

How to Mitigate the Impact of Rogue AI Risks

This is the latest blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights.

Expert Perspective Oct 17, 2024

Save to Folio

Expert Perspective Oct 17, 2024

Save to Folio

Ransomware

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data

This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions.

Research Oct 16, 2024

Save to Folio

Research Oct 16, 2024

Save to Folio

Cybermenaces

Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions

Trend Micro's Threat Hunting Team has observed EDRSilencer, a red team tool that threat actors are attempting to abuse for its ability to block EDR traffic and conceal malicious activity.

Research Oct 15, 2024

Save to Folio

Research Oct 15, 2024

Save to Folio

Attaques ciblées & APT

Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware

Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses.

Research Oct 14, 2024

Save to Folio

Research Oct 14, 2024

Save to Folio

Attaques ciblées & APT

Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against Middle East

Trend Micro's investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to sectors in the Middle East.

Research Oct 11, 2024

Save to Folio

Research Oct 11, 2024

Save to Folio