This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-08T19:19:25+00:00 www.secnews.physaphae.fr TrendLabs Security - Editeur Antivirus Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year]]> 2024-05-02T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/e/poll-security.html www.secnews.physaphae.fr/article.php?IdArticle=8492323 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm\'s exploitation of EdgeRouters, complementing the FBI\'s advisory from February 27, 2024.]]> 2024-05-01T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/e/router-roulette.html www.secnews.physaphae.fr/article.php?IdArticle=8491686 False None APT 28 3.0000000000000000 TrendLabs Security - Editeur Antivirus 2024-04-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/multipronged-network-defense.html www.secnews.physaphae.fr/article.php?IdArticle=8485353 False None None 3.0000000000000000 TrendLabs Security - Editeur Antivirus On April 18, 2024, the UK\'s Metropolitan Police Service and others conducted an operation that succeeded in taking down the Phishing-as-a-Service provider LabHost.]]> 2024-04-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/labhost-takedown.html www.secnews.physaphae.fr/article.php?IdArticle=8484431 False Legislation None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Learn how far cybersecurity has come from scattered resources to consolidation the future.]]> 2024-04-12T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/cybersecurity-consolidated.html www.secnews.physaphae.fr/article.php?IdArticle=8480875 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Our blog entry provides an in-depth analysis of Earth Hundun\'s Waterbear and Deuterbear malware.]]> 2024-04-11T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/earth-hundun-waterbear-deuterbear.html www.secnews.physaphae.fr/article.php?IdArticle=8479862 False Malware None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively.]]> 2024-04-11T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/red-team-exercises-examples.html www.secnews.physaphae.fr/article.php?IdArticle=8480122 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Discover how Trend is strengthening its endpoint solutions to detect fileless attacks earlier. By leveraging Intel Threat Detection Technology, Trend enhances the scalability and resiliency of its solutions.]]> 2024-04-11T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/fileless-malware-attack-solution.html www.secnews.physaphae.fr/article.php?IdArticle=8480876 False Threat,Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Our new article provides key highlights and takeaways from Operation Cronos\' disruption of LockBit\'s operations, as well as telemetry details on how LockBit actors operated post-disruption.]]> 2024-04-03T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/operation-cronos-aftermath.html www.secnews.physaphae.fr/article.php?IdArticle=8475151 False None None 3.0000000000000000 TrendLabs Security - Editeur Antivirus This blog entry discusses the Agenda ransomware group\'s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers.]]> 2024-03-26T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/agenda-ransomware-propagates-to-vcenters-and-esxi-via-custom-pow.html www.secnews.physaphae.fr/article.php?IdArticle=8470630 False Ransomware None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897.]]> 2024-03-19T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/cve-2024-23897.html www.secnews.physaphae.fr/article.php?IdArticle=8466484 False Vulnerability None 2.0000000000000000 TrendLabs Security - Editeur Antivirus CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.]]> 2024-03-19T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8467145 False Ransomware,Malware,Vulnerability None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa.]]> 2024-03-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/earth-krahang.html www.secnews.physaphae.fr/article.php?IdArticle=8465877 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus ENISA Report Unveils a Complex Cyber Landscape]]> 2024-03-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/enisa-report-dos-attack-classifications.html www.secnews.physaphae.fr/article.php?IdArticle=8466732 False Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations.]]> 2024-03-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/rpa-al-ml-use-cases-HUD.html www.secnews.physaphae.fr/article.php?IdArticle=8462942 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412.]]> 2024-03-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/cve-2024-21412--darkgate-operators-exploit-microsoft-windows-sma.html www.secnews.physaphae.fr/article.php?IdArticle=8463064 False Vulnerability,Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Discover the fascinating world of AI, ML, and RPA and their real-world applications including the creation of a custom RPA bot for collecting rare sports memorabilia.]]> 2024-03-06T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/ai-auctions.html www.secnews.physaphae.fr/article.php?IdArticle=8459634 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus This blog entry will examine Trend Micro MDR team\'s investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged threat intelligence to attribute the extracted evidence to the cyberespionage threat group.]]> 2024-03-06T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/unveiling-earth-kapre-aka-redcurls-cyberespionage-tactics-with-t.html www.secnews.physaphae.fr/article.php?IdArticle=8459685 False Threat,Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry.]]> 2024-02-27T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/threat-actor-groups-including-black-basta-are-exploiting-recent-.html www.secnews.physaphae.fr/article.php?IdArticle=8455753 False Ransomware,Vulnerability,Threat None 3.0000000000000000 TrendLabs Security - Editeur Antivirus During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets.]]> 2024-02-26T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/earth-lusca-uses-geopolitical-lure-to-target-taiwan.html www.secnews.physaphae.fr/article.php?IdArticle=8455240 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Explore the first article in this series about AI, ML, and RPA, which aims to demystify and explore the full spectrum of these core technologies.]]> 2024-02-21T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/digital-transformation-ai-rpa.html www.secnews.physaphae.fr/article.php?IdArticle=8452963 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus The landscape of cybersecurity is continuously evolving, with new threats emerging and the roles and responsibilities of security professionals constantly adapting.]]> 2024-02-21T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/sans-2023-soc-report.html www.secnews.physaphae.fr/article.php?IdArticle=8453013 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Trend and other private entities recently contributed to INTERPOL\'s Operation Synergia, a global operation that successfully took down over 1,000 C&C servers and identified suspects related to phishing, banking malware, and ransomware activity.]]> 2024-02-21T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/trend-micro-and-interpol-join-forces-again-for-operation-synergi.html www.secnews.physaphae.fr/article.php?IdArticle=8453068 False Ransomware,Malware,Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus In this blog entry, we focus on Earth Preta\'s campaign that employed a variant of the DOPLUGS malware to target Asian countries.]]> 2024-02-20T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/earth-preta-campaign-targets-asia-doplugs.html www.secnews.physaphae.fr/article.php?IdArticle=8452614 False Malware None 2.0000000000000000 TrendLabs Security - Editeur Antivirus The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.]]> 2024-02-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/cve202421412-water-hydra-targets-traders-with-windows-defender-s.html www.secnews.physaphae.fr/article.php?IdArticle=8449693 False Vulnerability,Threat,Prediction None 3.0000000000000000 TrendLabs Security - Editeur Antivirus This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability.]]> 2024-02-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/cve-2024-21412-facts-and-fixes.html www.secnews.physaphae.fr/article.php?IdArticle=8449692 False Vulnerability,Threat,Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Trend Micro\'s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024.]]> 2024-02-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/global-security-trends-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8449790 False Prediction None 3.0000000000000000 TrendLabs Security - Editeur Antivirus After a full year of life with ChatGPT cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks - learn what generative AI means for cybersecurity in 2024.]]> 2024-02-08T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/generative-ai-cybersecurity-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8448077 False None ChatGPT 3.0000000000000000 TrendLabs Security - Editeur Antivirus A finance worker in Hong Kong was tricked by a deepfake video conference. The future of defending against deepfakes is as much as human challenge as a technological one.]]> 2024-02-07T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/deepfake-video-calls.html www.secnews.physaphae.fr/article.php?IdArticle=8447797 False Conference None 2.0000000000000000 TrendLabs Security - Editeur Antivirus In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution.]]> 2024-02-07T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/unveiling-atlassian-confluence-vulnerability-cve-2023-22527--und.html www.secnews.physaphae.fr/article.php?IdArticle=8447584 False Vulnerability,Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Attacks don\'t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers-including the cloud-for more proactive risk management.]]> 2024-02-06T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/unify-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8447374 False Cloud None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted.]]> 2024-01-31T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/pawn-storm-uses-brute-force-and-stealth.html www.secnews.physaphae.fr/article.php?IdArticle=8445083 False None APT 28 2.0000000000000000 TrendLabs Security - Editeur Antivirus In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware.]]> 2024-01-23T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/kasseika-ransomware-deploys-byovd-attacks-abuses-psexec-and-expl.html www.secnews.physaphae.fr/article.php?IdArticle=8441997 False Ransomware None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Explore why Trend Micro is recognized-for the 18th time-as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms.]]> 2024-01-22T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/endpoint-gartner-magic-quadrant-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8441855 False Prediction,Commercial None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Here\'s the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space.]]> 2024-01-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/bec-security-enhancements.html www.secnews.physaphae.fr/article.php?IdArticle=8440397 False Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus The overlooked vulnerability with real impacts]]> 2024-01-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/ivanti-zero-day-threat-protection.html www.secnews.physaphae.fr/article.php?IdArticle=8440763 False Vulnerability,Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Detection and response will be critical for the U.S. Government to modernize security operations and stay ahead of cyber-attacks.]]> 2024-01-17T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/modernize-federal-cybersecurity-strategy-with-fedramp.html www.secnews.physaphae.fr/article.php?IdArticle=8440343 False None None 3.0000000000000000 TrendLabs Security - Editeur Antivirus This blog delves into the Phemedrone Stealer campaign\'s exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware\'s payload.]]> 2024-01-12T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/cve-2023-36025-exploited-for-defense-evasion-in-phemedrone-steal.html www.secnews.physaphae.fr/article.php?IdArticle=8438153 False Malware,Vulnerability None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Trend Micro collaborates with INTERPOL to defend FIFA World Cup by preventing attacks & mitigating risks to fight against the rising threat of cybercrime.]]> 2024-01-11T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/trend-micro-defends-fifa-world-cup-from-cyber-threats.html www.secnews.physaphae.fr/article.php?IdArticle=8438002 False Threat,Prediction None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Protect against cybersecurity vulnerabilities & cyber threats by building strategic defenses in Distributed Energy Generation (DEG) systems & infrastructures.]]> 2024-01-11T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/build-cyber-resilience-with-distributed-energy-systems.html www.secnews.physaphae.fr/article.php?IdArticle=8437934 False Vulnerability None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Pikabot is a loader with similarities to Qakbot that was used in spam campaigns during most of 2023. Our blog entry provides a technical analysis of this malware.]]> 2024-01-09T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/a-look-into-pikabot-spam-wave-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8437097 False Spam,Malware,Technical None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Trend Micro\'s bug bounty program Zero Day Initiative 2023 performance gives a glimpse inside the world of threat-hunting and cyber risk prevention]]> 2024-01-08T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/trend-micro-bug-bounty-program-zdi-2023-performance.html www.secnews.physaphae.fr/article.php?IdArticle=8436874 False Threat,Prediction None 3.0000000000000000 TrendLabs Security - Editeur Antivirus In this blog entry, we discuss the technical details of CVE-2023-50164, a critical vulnerability that affects Apache Struts 2 and enables unauthorized path traversal.]]> 2023-12-15T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/l/decoding-cve-2023-50164--unveiling-the-apache-struts-file-upload.html www.secnews.physaphae.fr/article.php?IdArticle=8423044 False Vulnerability,Threat,Technical None 2.0000000000000000 TrendLabs Security - Editeur Antivirus This blog entry delves into MxDR\'s unraveling of the AsyncRAT infection chain across multiple cases, shedding light on the misuse of aspnet_compiler.exe, a legitimate Microsoft process originally designed for precompiling ASP.NET web applications.]]> 2023-12-11T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/l/analyzing-asyncrat-code-injection-into-aspnetcompiler-exe.html www.secnews.physaphae.fr/article.php?IdArticle=8420924 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Trend has been securing web access for over a decade with forward-looking innovation and a global footprint to support our customer\'s security strategy. We are committed to our customers\' journey of transforming their current security posture, aligning with Zero Trust principles, and embracing a modern, fully integrated security architecture.]]> 2023-12-08T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/l/web-security-expands-into-secure-service-edge-sse.html www.secnews.physaphae.fr/article.php?IdArticle=8420303 False Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Every year, experts weigh in with predictions of what the big cybersecurity trends will be-but how often are they right? That\'s the question Trend Micro\'s Greg Young and Bill Malik asked recently on their Real Cybersecurity podcast, looking at what forecasters got wrong on a wide range of topics, from AI to human factors.]]> 2023-12-07T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/l/2023-review-reflecting-on-cybersecurity-trends.html www.secnews.physaphae.fr/article.php?IdArticle=8420003 False Prediction None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Explore real use cases demonstrating the transformative impact of Trend Vision One™ – Forensics, an integrated Digital Forensics and Incident Response (DFIR) tool]]> 2023-12-07T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/l/integrated-dfir-tool-can-streamline-cyber-forensics.html www.secnews.physaphae.fr/article.php?IdArticle=8419974 False Tool,Prediction None 3.0000000000000000 TrendLabs Security - Editeur Antivirus In this blog entry, we discuss predictions from Trend Micro\'s team of security experts about the drivers of change that will figure prominently in 2024.]]> 2023-12-06T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/l/forward-momentum--key-learnings-from-trend-micro-s-security-pred.html www.secnews.physaphae.fr/article.php?IdArticle=8419472 False Prediction None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Learn more about how Trend is engineering innovation and resiliency with NEOM McLaren Formula E Team in 2024 and beyond.]]> 2023-12-05T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/l/accelerating-into-2024-with-neon-mclaren-formula-e.html www.secnews.physaphae.fr/article.php?IdArticle=8419348 False Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus The Open Radio Access Network (ORAN) architecture provides standardized interfaces and protocols to previously closed systems. However, our research on ORAN demonstrates the potential threat posed by malicious xApps that are capable of compromising the entire Ran Intelligent Controller (RIC) subsystem.]]> 2023-12-01T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/l/the-current-state-of-open-ran-security.html www.secnews.physaphae.fr/article.php?IdArticle=8418240 False Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Heading to AWS re:Invent 2023? Don\'t miss out on our talk with Melinda Marks, ESG Practice Director for Cybersecurity, about cloud detection and response (CDR) and what\'s trending in cloud security.]]> 2023-11-27T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/k/cloud-security-predictions-at-aws-re-invent-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8417331 False Prediction,Cloud None 3.0000000000000000 TrendLabs Security - Editeur Antivirus We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.]]> 2023-11-23T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html www.secnews.physaphae.fr/article.php?IdArticle=8416255 False None None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Dive into the world of private 5G networks and learn about a critical security vulnerability that could expose IoT devices to attacks from external networks.]]> 2023-11-22T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/k/packet-reflection-threats-private-5g-networks.html www.secnews.physaphae.fr/article.php?IdArticle=8416224 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.]]> 2023-11-20T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/k/cve-2023-46604-exploited-by-kinsing.html www.secnews.physaphae.fr/article.php?IdArticle=8414748 False Malware,Vulnerability None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Learn what 100 straight quarters of profitability means to a Trender who has been here for every one of them.]]> 2023-11-14T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/k/insights-trend-micro-100-profitable-quarters.html www.secnews.physaphae.fr/article.php?IdArticle=8412014 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus This blog entry explores the effectiveness of ChatGPT\'s safety measures, the potential for AI technologies to be misused by criminal actors, and the limitations of current AI models.]]> 2023-11-14T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/k/a-closer-look-at-chatgpt-s-role-in-automated-malware-creation.html www.secnews.physaphae.fr/article.php?IdArticle=8411646 False Malware ChatGPT 2.0000000000000000 TrendLabs Security - Editeur Antivirus We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations.]]> 2023-11-10T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/k/cerber-ransomware-exploits-cve-2023-22518.html www.secnews.physaphae.fr/article.php?IdArticle=8408988 False Ransomware,Vulnerability None 3.0000000000000000 TrendLabs Security - Editeur Antivirus We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.]]> 2023-11-09T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/k/threat-actors-leverage-file-sharing-service-and-reverse-proxies.html www.secnews.physaphae.fr/article.php?IdArticle=8408367 False Threat None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Explore the world of zero day threats and gain valuable insight into the importance of proactive detection and remediation.]]> 2023-11-06T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/k/zero-day-threat-protection.html www.secnews.physaphae.fr/article.php?IdArticle=8406589 False Threat,General Information None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Customer feedback validates Trend\'s leadership in in XDR, endpoint security, hybrid Cloud]]> 2023-10-30T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/j/customers-prefer-trend-micro-xdr-endpoint-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8405887 False Prediction,Cloud None 2.0000000000000000 TrendLabs Security - Editeur Antivirus This report explores the Kopeechka service and gives a detailed technical analysis of the service\'s features and capabilities and how it can help cybercriminals to achieve their goals.]]> 2023-10-27T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/j/how-kopeechka--an-automated-social-media-accounts-creation-servi.html www.secnews.physaphae.fr/article.php?IdArticle=8401326 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus In the second part of this series, we will examine how attackers can trigger vulnerabilities by sending control messages masquerading as user traffic to cross over from user plane to control plane.]]> 2023-10-20T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/j/asn1-vulnerabilities-in-5g-cores.html www.secnews.physaphae.fr/article.php?IdArticle=8398104 False Vulnerability None 3.0000000000000000 TrendLabs Security - Editeur Antivirus This blog discusses how threat actors abuse Discord\'s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware.]]> 2023-10-16T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/j/beware-lumma-stealer-distributed-via-discord-cdn-.html www.secnews.physaphae.fr/article.php?IdArticle=8396084 False Threat None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Almost a year after Void Rabisu shifted its targeting from opportunistic ransomware attacks with an emphasis on cyberespionage, the threat actor is still developing its main malware, the ROMCOM backdoor.]]> 2023-10-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8395042 False Ransomware,Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim\'s system, additional payloads were introduced to the environment.]]> 2023-10-12T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/j/darkgate-opens-organizations-for-attack-via-skype-teams.html www.secnews.physaphae.fr/article.php?IdArticle=8394698 False Malware None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Digitalization has changed the business environment of the electric power industry, exposing it to various threats. This webinar will help you uncover previously unnoticed threats and develop countermeasures and solutions.]]> 2023-10-06T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/j/electric-power-system-cybersecurity-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8393443 False Vulnerability,Industrial None 3.0000000000000000 TrendLabs Security - Editeur Antivirus This entry delves into threat actors\' intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.]]> 2023-10-05T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/j/infection-techniques-across-supply-chains-and-codebases.html www.secnews.physaphae.fr/article.php?IdArticle=8391784 False Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.]]> 2023-09-29T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/i/apt34-deploys-phishing-attack-with-new-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8389378 False Malware,Threat APT 34,APT 34 3.0000000000000000 TrendLabs Security - Editeur Antivirus We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group.]]> 2023-09-22T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/i/examining-the-activities-of-the-turla-group.html www.secnews.physaphae.fr/article.php?IdArticle=8386618 False Threat None 3.0000000000000000 TrendLabs Security - Editeur Antivirus This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud.]]> 2023-09-21T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/i/cybercriminals-exploit-the-moroccan-tragedy-in-new-scam-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8386265 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor\'s server - a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we\'ve dubbed SprySOCKS due to its swift behavior and SOCKS implementation.]]> 2023-09-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8384815 False Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method.]]> 2023-09-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/i/redline-vidar-first-abuses-ev-certificates.html www.secnews.physaphae.fr/article.php?IdArticle=8382256 False Ransomware,Malware,Threat None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals mean for CISOs and board members.]]> 2023-09-08T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/i/trickbot-conti-sanctions-cisos-board.html www.secnews.physaphae.fr/article.php?IdArticle=8380530 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication.]]> 2023-09-05T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/i/analyzing-a-facebook-profile-stealer-written-in-node-js.html www.secnews.physaphae.fr/article.php?IdArticle=8379053 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign.]]> 2023-09-01T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/i/revisiting-16shop-phishing-kit-trend-interpol-partnership.html www.secnews.physaphae.fr/article.php?IdArticle=8377842 False Prediction None 3.0000000000000000 TrendLabs Security - Editeur Antivirus A long and challenging journey against cybercrime around the world]]> 2023-09-01T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/i/fbi-qakbot-takedown.html www.secnews.physaphae.fr/article.php?IdArticle=8377843 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments and organizations in the technology sector.]]> 2023-08-30T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/earth-estries-targets-government-tech-for-cyberespionage.html www.secnews.physaphae.fr/article.php?IdArticle=8376621 False Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus The Trend Micro Mobile Application Reputation Service (MARS) team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023.]]> 2023-08-29T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/mmrat-carries-out-bank-fraud-via-fake-app-stores.html www.secnews.physaphae.fr/article.php?IdArticle=8376092 False Malware,Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Learn the common OT and IT visibility and efficiency barriers, as well as how to get around them.]]> 2023-08-24T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/ot-it-visibility-efficiency-barriers.html www.secnews.physaphae.fr/article.php?IdArticle=8373732 False Industrial None 2.0000000000000000 TrendLabs Security - Editeur Antivirus In this entry, we discuss how a threat actor abuses paid Facebook promotions featuring LLMs to spread malicious code, with the goal of installing a malicious browser add-on and stealing victims\' credentials.]]> 2023-08-23T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/profile-stealers-spread-via-llm-themed-facebook-ads.html www.secnews.physaphae.fr/article.php?IdArticle=8373475 False Threat None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden\'s cybersecurity executive order.]]> 2023-08-21T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/agencies-struggle-biden-cyber-executive-order.html www.secnews.physaphae.fr/article.php?IdArticle=8372785 False Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Private 5G networks offer businesses enhanced security, reliability, and scalability. Learn more about why private 5G could be the future of secure networking.]]> 2023-08-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/private-5g-network-security.html www.secnews.physaphae.fr/article.php?IdArticle=8371795 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus The unveiling of the first-ever Open Worldwide Application Security Project (OWASP) risk list for large language model AI chatbots was yet another sign of generative AI\'s rush into the mainstream-and a crucial step toward protecting enterprises from AI-related threats.]]> 2023-08-15T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/top-ai-risks.html www.secnews.physaphae.fr/article.php?IdArticle=8370287 False None None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Rethinking learning metrics and fostering critical thinking in the era of generative AI and LLMs]]> 2023-08-14T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/chatgpt-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8370289 False None ChatGPT,ChatGPT 2.0000000000000000 TrendLabs Security - Editeur Antivirus The latest study said that OT security is less mature in several capabilities than IT security, but most organizations are improving it.]]> 2023-08-14T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/ot-security-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8370288 False Studies None 3.0000000000000000 TrendLabs Security - Editeur Antivirus The Monti ransomware collective has restarted their operations, focusing on institutions in the legal and governmental fields. Simultaneously, a new variant of Monti, based on the Linux platform, has surfaced, demonstrating notable differences from its previous Linux-based versions.]]> 2023-08-14T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/monti-ransomware-unleashes-a-new-encryptor-for-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8369834 False Ransomware None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA\'s Zero Trust Maturity Model.]]> 2023-08-09T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/industry-zero-trust-frameworks.html www.secnews.physaphae.fr/article.php?IdArticle=8367848 False Industrial None 4.0000000000000000 TrendLabs Security - Editeur Antivirus How generative AI influenced threat trends in 1H 2023]]> 2023-08-08T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/cybersecurity-threat-2023-generative-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8367615 False Threat None 3.0000000000000000 TrendLabs Security - Editeur Antivirus In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we\'ve covered in previous blog entries.]]> 2023-08-07T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/batloader-campaigns-use-pyarmor-pro-for-evasion.html www.secnews.physaphae.fr/article.php?IdArticle=8365660 False Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems.]]> 2023-08-07T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/targetcompany-ransomware-abuses-fud-obfuscator-packers.html www.secnews.physaphae.fr/article.php?IdArticle=8367616 False Ransomware None 2.0000000000000000 TrendLabs Security - Editeur Antivirus The latest study said that enterprise SOCs are expanding their responsibilities to the OT domain, but major visibility and skills-related challenges are causing roadblocks.]]> 2023-08-04T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/soc-responsibilities.html www.secnews.physaphae.fr/article.php?IdArticle=8365513 False Studies None 2.0000000000000000 TrendLabs Security - Editeur Antivirus The US Securities and Exchange Commission (SEC) recently adopted rules regarding mandatory cybersecurity disclosure. Explore what this announcement means for you and your organization.]]> 2023-08-03T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/sec-cybersecurity-rules-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8365469 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Streamlining IT for business optimal business performance]]> 2023-08-02T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/tech-consolidation.html www.secnews.physaphae.fr/article.php?IdArticle=8364826 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Why endpoint security falls short in the complexity of modern IT infrastructure]]> 2023-08-01T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/h/secure-servers-cloud-workloads.html www.secnews.physaphae.fr/article.php?IdArticle=8364417 False Cloud None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Trend Micro\'s Mobile Application Reputation Service (MARS) team discovered two new related Android malware families involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users.]]> 2023-07-28T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/g/cherryblos-and-faketrade-android-malware-involved-in-scam-campai.html www.secnews.physaphae.fr/article.php?IdArticle=8362611 False Malware,Mobile,Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus A single-platform approach delivers value greater than the sum of its parts]]> 2023-07-24T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/g/cybersecurity-consolidation.html www.secnews.physaphae.fr/article.php?IdArticle=8361354 False Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Trend Micro and INTERPOL collaborate to create a safer digital world]]> 2023-07-17T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/g/fight-against-cyber-criminals.html www.secnews.physaphae.fr/article.php?IdArticle=8357997 False Prediction None 2.0000000000000000 TrendLabs Security - Editeur Antivirus An analysis of advanced persistent threat (APT) group Red Menshen\'s different variants of backdoor BPFDoor as it evolves since it was first documented in 2021.]]> 2023-07-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/g/detecting-bpfdoor-backdoor-variants-abusing-bpf-filters.html www.secnews.physaphae.fr/article.php?IdArticle=8355863 False Threat None 2.0000000000000000 TrendLabs Security - Editeur Antivirus Embracing platform approach as the path to enhanced security and resilience]]> 2023-07-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/g/platform-approach-to-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8356066 False None None 2.0000000000000000 TrendLabs Security - Editeur Antivirus In this entry, we discuss the findings of our investigation into a piece of a signed rootkit, whose main binary functions as a universal loader that enables attackers to directly load a second-stage unsigned kernel module.]]> 2023-07-11T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/g/hunting-for-a-new-stealthy-universal-rootkit-loader.html www.secnews.physaphae.fr/article.php?IdArticle=8354401 False None None 3.0000000000000000