TrendMicro – Page 59 – Computer Security Articles

Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server

Credit to Author: Nathaniel Morales| Date: Wed, 06 Jul 2022 00:00:00 +0000

We recently found a new ransomware family, which we have dubbed as HavanaCrypt, that disguises itself as a legitimate Google Software Update application and uses a Microsoft web hosting service IP address as its command-and-control (C&C) server to circumvent detection.

Security TrendMicro

ICS & OT Cybersecurity Attack Trends

July 6, 2022 admin trend micro ciso : blog, trend micro ciso : digital transformation, trend micro ciso : expert perspective, trend micro ciso : risk management

We explore Trend Micro’s latest research into industrial cybersecurity, including the impact of attacks, maturity of security programs, and recommendations for strengthening security.

Security TrendMicro

Data Distribution Service: An Overview Part 1

July 6, 2022 admin trend micro research : articles, news, reports, trend micro research : exploits & vulnerabilities, trend micro research : ics ot, trend micro research : ransomware, trend micro research : research

In this three-part blog series, we’ll look into Data Distribution Service, why it is critical, and how you can mitigate risks associated with it.

Security TrendMicro

Hacking the Crypto-monetized Web

June 30, 2022 admin trend micro research : cyber threats, trend micro research : network, trend micro research : phishing, trend micro research : privacy & risks, trend micro research : report, trend micro research : research, trend micro research : social media, trend micro research : web

Credit to Author: Jon Clay| Date: Thu, 30 Jun 2022 00:00:00 +0000

What danger lies around the corner?

Security TrendMicro

DevOps vs SRE: Differences & Similarities

June 30, 2022 admin trend micro devops : article, trend micro devops : best practices, trend micro devops : cloud native, trend micro devops : multi cloud

Credit to Author: Michael Langford| Date: Thu, 30 Jun 2022 00:00:00 +0000

While DevOps and site reliability engineering teams often work together and have shared goals, there are important distinctions between the two. This article explores the differences between their functions and responsibilities.

Security TrendMicro

Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit

June 30, 2022 admin trend micro research : articles, news, reports, trend micro research : phishing, trend micro research : ransomware, trend micro research : research

Credit to Author: Kenneth Adrian Apostol| Date: Thu, 30 Jun 2022 00:00:00 +0000

We look into a recent attack orchestrated by the Black Basta ransomware ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightmare vulnerability to perform privileged file operations.

Security TrendMicro

How to Present Cloud Risk to the Board

June 29, 2022 admin trend micro ciso : article, trend micro ciso : cloud, trend micro ciso : expert perspective, trend micro ciso : risk management

Credit to Author: Erin Sindelar| Date: Wed, 29 Jun 2022 00:00:00 +0000

Trend Micro Security Researcher, Erin Sindelar, breaks down three popular types of cloud risk assessments to help CISOs and security leaders better explain cyber risk to the board.

Security TrendMicro

Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware

June 28, 2022 admin trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : exploits & vulnerabilities, trend micro research : network, trend micro research : research

Credit to Author: Mohamed Fahmy| Date: Tue, 28 Jun 2022 00:00:00 +0000

We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being exfiltrated from the infected systems. However, we also found that some of the victims were infected with ransomware days after the data exfiltration.