Attacker Abuses Victim Resources to Reap Rewards from Titan Network
Attacker Abuses Victim Resources to Reap Rewards from Titan Network | Trend Micro (US) Cyber Threats In this blog entry, we discuss how an attacker took advantage of the Atlassian…
In both incidents, a major pain point was the lack of application logs (i.e., VPN and IIS logs). These logs are crucial, as they help in understanding how the threat…
Identifying the Threat Group The threat actors behind Prometei remain largely unidentified, but evidence suggests they are Russian-speaking individuals. The name “Prometei,” derived from the Russian translation for Prometheus, hints…
Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach | Trend Micro (US) Cyber Threats In this blog entry, we discuss how malicious actors are exploiting Docker remote API…
Attackers Target Exposed Docker Remote API Servers With perfctl Malware | Trend Micro (US) Malware We observed an unknown threat actor abusing exposed Docker remote API servers to deploy the…
Depending on who you ask, generative AI could either be the salvation of humankind or the bringer of our doom. For cybersecurity specifically, it’s been positioned both as a kind…
In previous parts of this series on Rogue AI, we briefly explored what organizations can do to better manage risk across their AI attack surface. And we touched on ways…
When executed on the infected machine, the ransomware first performs initialization through the following steps: Get the host machine universal unique identifier (UUID) Import the hard-coded public key The public…
Conclusion In our ongoing efforts to monitor and mitigate emerging threats, we have observed based on our internal telemetry that certain threat actors are attempting to leverage EDRSilencer as part…
We track this intrusion set as Water Makara, which uses the Astaroth malware with a new defense evasion technique. Astaroth, a notorious information-stealing banking trojan, remains active and is anticipated…