Python-Based NodeStealer Version Targets Facebook Ads Manager

Credit to Author: Aira Marcelo| Date: Thu, 19 Dec 2024 00:00:00 +0000

In this blog entry, Trend Micro’s Managed XDR team discuss their investigation into how the latest variant of NodeStealer is delivered through spear-phishing attacks, potentially leading to malware execution, data theft, and the exfiltration of sensitive information via Telegram.

Read more

Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks

Credit to Author: Feike Hacquebord| Date: Tue, 17 Dec 2024 00:00:00 +0000

APT group Earth Koshchei, suspected to be sponsored by the SVR, executed a large-scale rogue RDP campaign using spear-phishing emails, red team tools, and sophisticated anonymization techniques to target high-profile sectors.

Read more

Link Trap: GenAI Prompt Injection Attack

Credit to Author: Jay Liao| Date: Tue, 10 Dec 2024 00:00:00 +0000

Prompt injection exploits vulnerabilities in generative AI to manipulate its behavior, even without extensive permissions. This attack can expose sensitive data, making awareness and preventive measures essential. Learn how it works and how to stay protected.

Read more

MITRE ATT&CK 2024 Results for Enterprise Security

Credit to Author: Mike Grodzki| Date: Mon, 09 Dec 2024 00:00:00 +0000

Enterprise 2024 will incorporate multiple, smaller emulations for a more nuanced and targeted evaluation of defensive capabilities. We’re excited to offer two distinct adversary focus areas: Ransomware targeting Windows and Linux, and the Democratic People’s Republic of Korea’s targeting macOS.

Read more

MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

Credit to Author: Joseph C Chen| Date: Thu, 05 Dec 2024 00:00:00 +0000

Trend Micro’s monitoring of the MOONSHINE exploit kit revealed how it’s used by the threat actor Earth Minotaur to exploit Android messaging app vulnerabilities and install the DarkNimbus backdoor for surveillance.

Read more

AI Configuration Best Practices to address AI Security Risks

Credit to Author: Joy Ngaruro| Date: Mon, 02 Dec 2024 00:00:00 +0000

AI usage is on the rise as many companies are adopting AI for productivity gains and creation of new business opportunities which provide value to their customers.

Read more