Credit to Author: Kyle Philippe Yu| Date: Fri, 20 Sep 2024 00:00:00 +0000
Trend Micro tracked this group as Water Bakunawa, behind the RansomHub ransomware, employs various anti-EDR techniques to play a high-stakes game of hide and seek with security solutions.
Read moreCredit to Author: AI Team| Date: Thu, 19 Sep 2024 00:00:00 +0000
This is the third blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights.
Read moreCredit to Author: Abdelrahman Esmail| Date: Fri, 30 Aug 2024 00:00:00 +0000
Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor.
Read moreCredit to Author: Ted Lee| Date: Thu, 19 Sep 2024 00:00:00 +0000
We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China.
Read moreCredit to Author: Richard Y Lin| Date: Wed, 18 Sep 2024 00:00:00 +0000
Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness: the lack of mandatory authentication procedures between base stations and packet-cores.
Read moreCredit to Author: Hitomi Kimura| Date: Thu, 12 Sep 2024 00:00:00 +0000
In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671.
Read moreCredit to Author: Lenart Bermejo| Date: Mon, 09 Sep 2024 00:00:00 +0000
In this blog entry, we discuss our analysis of Earth Preta’s enhancements in their attacks by introducing new tools, malware variants and strategies to their worm-based attacks and their time-sensitive spear-phishing campaign.
Read moreCredit to Author: Pierre Lee| Date: Fri, 06 Sep 2024 00:00:00 +0000
Our research reveals that an unidentified threat cluster we named TIDRONE have shown significant interest in military-related industry chains, particularly in the manufacturers of drones.
Read more