This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we’ve discovered and dubbed UNAPIMON.…
Tag: Trend Micro Research, News and Perspectives
Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script
This blog entry discusses the Agenda ransomware group’s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Agenda Ransomware…
NIST Launches Cybersecurity Framework (CSF) 2.0
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the official 2.0 version of the Cyber Security Framework (CSF). This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: NIST…
Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk
Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Jenkins Args4j CVE-2024-23897: Files Exposed, Code at…
Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks
Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa. This article has been indexed from Trend Micro Research,…
A Necessary Digital Odyssey of RPA and AI/ML at HUD
Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations. This article has been indexed from Trend Micro Research, News and Perspectives…
AI Auctions: Collectibles, Taylor Swift, Jordan Bots
Discover the fascinating world of AI, ML, and RPA and their real-world applications including the creation of a custom RPA bot for collecting rare sports memorabilia. This article has been indexed from Trend Micro Research, News and Perspectives Read the…
Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO
The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Multistage RA World Ransomware…
Managing Cyber Risk for Under-Pressure CISOs
Overworked CISOs are struggling to deliver the cybersecurity results their organizations expect. Fortunately, there are concrete and practical ways they can make their lives easier—while managing cyber risk effectively. This article has been indexed from Trend Micro Research, News and…
Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities
This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry. This…