US - Research, News, and Perspectives
http://feed.informer.com/digests/G5HRN3DTV4/feeder
US - Research, News, and Perspectives
Respective post owners and feed distributors
Tue, 09 Nov 2021 16:45:03 +0000
Feed Informer http://feed.informer.com/

Fake CAPTCHA Attacks Deploy Infostealers and RATs in a Multistage Payload Chain
https://www.trendmicro.com/en_us/research/25/e/unmasking-fake-captcha-cases.html
Research, News, and Perspective urn:uuid:4d9b9773-1e35-688c-1996-09f055009fad Mon, 19 May 2025 00:00:00 +0000
We have detected a new tactic involving fake CAPTCHA pages that trick users into executing harmful commands in Windows. This scheme uses disguised files sent via phishing and other malicious methods.
Trend Micro Research : Endpoints Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
Buddy Tancio

Trend Joins NVIDIA to Secure AI Infrastructure with NVIDIA
https://www.trendmicro.com/en_us/research/25/e/trend-secures-ai-infrastructure-with-nvidia.html
Research, News, and Perspective urn:uuid:8e32ebec-c220-00e2-c636-d19e08ea19ea Sun, 18 May 2025 00:00:00 +0000
Together, we are focused on securing the full AI lifecycle—from development and training to deployment and inference—across cloud, data center, and AI factories.
Trend Micro Research : Latest News Trend Micro Research : Articles, News, Reports Trend Micro Research : Artificial Intelligence (AI)

Using Agentic AI & Digital Twin for Cyber Resilience
https://www.trendmicro.com/en_us/research/25/e/ai-digital-twin-cyber-resilience.html
Research, News, and Perspective urn:uuid:1af350dd-dc52-6df3-0122-74f9007ff89d Sun, 18 May 2025 00:00:00 +0000
Learn how Trend is combining agentic AI and digital twin to transform the way organizations protect themselves from cyber threats.
Trend Micro Research : Latest News Trend Micro Research : Artificial Intelligence (AI) Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats

Trend Secures AI Infrastructure with NVIDIA
https://www.trendmicro.com/en_us/research/25/e/trend-secures-ai-infrastructure-with-nvidia.html
Research, News, and Perspective urn:uuid:328245e8-1808-019b-c63f-1399f304e148 Sun, 18 May 2025 00:00:00 +0000
Together, we are focused on securing the full AI lifecycle—from development and training to deployment and inference—across cloud, data center, and AI factories.
Trend Micro Research : Latest News Trend Micro Research : Articles, News, Reports Trend Micro Research : Artificial Intelligence (AI)

Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan
https://www.trendmicro.com/en_us/research/25/e/earth-ammit.html
Research, News, and Perspective urn:uuid:540bf713-4289-254d-161f-22e9f02a9612 Tue, 13 May 2025 00:00:00 +0000
Trend™ Research discusses the evolving tradecraft of threat actor Earth Ammit, proven by the advanced toolset used in its TIDRONE and VENOM campaigns that targeted the drone supply chain.
Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Trend Micro Research : Research
Pierre Lee

Trend Micro Puts a Spotlight on AI at Pwn2Own Berlin
https://www.trendmicro.com/en_us/research/25/e/pwn2own-berlin-2025.html
Research, News, and Perspective urn:uuid:7be4b064-6a93-f95d-9bdc-bd8c7905bc72 Tue, 13 May 2025 00:00:00 +0000
Get a sneak peek into how Trend Micro's Pwn2Own Berlin 2025 is breaking new ground, focusing on AI infrastructure and finding the bugs to proactively safeguard the future of computing.
Trend Micro Research : Latest News Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Artificial Intelligence (AI) Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
Russ Meyers

Maritime Cybersecurity: Threats & Regulations Loom
https://www.trendmicro.com/en_us/research/25/e/maritime-cybersecurity-threats-regulations.html
Research, News, and Perspective urn:uuid:6c643e13-9004-7c7e-23f4-aeb1c160bef8 Fri, 09 May 2025 00:00:00 +0000
This review summarizes the key insights shared during the webinar held on April 9th, which featured maritime cybersecurity experts discussing the growing challenges facing ports, logistics operations, and global supply chains.
Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Trend Micro Research : Expert Perspective
Zack Martin

Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal
https://www.trendmicro.com/en_us/research/25/e/agenda-ransomware-group-adds-smokeloader-and-netxloader-to-their.html
Research, News, and Perspective urn:uuid:134b88d5-e91a-f6bb-59a5-01de41cc8e61 Wed, 07 May 2025 00:00:00 +0000
During our monitoring of Agenda ransomware activities, we uncovered campaigns that made use of the SmokeLoader malware and a new loader we've named NETXLOADER.
Trend Micro Research : Endpoints Trend Micro Research : Ransomware Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Jacob Santos

Exploring PLeak: An Algorithmic Method for System Prompt Leakage
https://www.trendmicro.com/en_us/research/25/e/exploring-pleak.html
Research, News, and Perspective urn:uuid:6602fa58-c686-e8ff-9431-7291330da176 Thu, 01 May 2025 00:00:00 +0000
What is PLeak, and what are the risks associated with it? We explored this algorithmic technique and how it can be used to jailbreak LLMs, which could be leveraged by threat actors to manipulate systems and steal sensitive data.
Trend Micro Research : Research Trend Micro Research : Artificial Intelligence (AI) Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
Karanjot Singh Saggu

Earth Kasha Updates TTPs in Latest Campaign Targeting Taiwan and Japan
https://www.trendmicro.com/en_us/research/25/d/earth-kasha-updates-ttps.html
Research, News, and Perspective urn:uuid:d0e9f9af-0b4a-d72d-d032-981713a7722e Wed, 30 Apr 2025 00:00:00 +0000
This blog discusses the latest modifications observed in Earth Kasha’s TTPs from their latest campaign detected in March 2025 targeting Taiwan and Japan.
Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Articles, News, Reports Trend Micro Research : Research
Hara Hiroaki

NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk
https://www.trendmicro.com/en_us/research/25/d/nvidia-riva-vulnerabilities.html
Research, News, and Perspective urn:uuid:666e4551-79dd-25fb-dbe9-8aadbf8e514e Mon, 28 Apr 2025 00:00:00 +0000
Trend Research uncovered misconfigurations in NVIDIA Riva deployments, with two vulnerabilities, CVE-2025-23242 and CVE-2025-23243, contributing to their exposure. These security flaws could lead to unauthorized access, resource abuse, and potential misuse or theft of AI-powered inference services, including speech recognition and text-to-speech processing.
Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Alfredo Oliveira

Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
https://www.trendmicro.com/en_us/research/25/d/earth-kurma-apt-campaign.html
Research, News, and Perspective urn:uuid:8000ed26-5043-c739-aacb-37c741eeca5c Fri, 25 Apr 2025 00:00:00 +0000
An APT group dubbed Earth Kurma is actively targeting government and telecommunications organizations in Southeast Asia using advanced malware, rootkits, and trusted cloud services to conduct cyberespionage.
Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Endpoints Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Nick Dai

Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations
https://www.trendmicro.com/en_us/research/25/d/russian-infrastructure-north-korean-cybercrime.html
Research, News, and Perspective urn:uuid:fdd87b90-c7ab-3567-1b67-e87e04424c03 Wed, 23 Apr 2025 00:00:00 +0000
In this blog entry, we discuss how North Korea's significant role in cybercrime – including campaigns attributed to Void Dokkaebi – is facilitated by extensive use of anonymization networks and the use of Russian IP ranges.
Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Trend Micro Research : Research
Feike Hacquebord

FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE
https://www.trendmicro.com/en_us/research/25/d/fog-ransomware-concealed-within-binary-loaders-linking-themselve.html
Research, News, and Perspective urn:uuid:6a1f8c52-507f-6692-6e46-0869e5fc34e6 Mon, 21 Apr 2025 00:00:00 +0000
This blog details our investigation of malware samples that conceal within them a FOG ransomware payload.
Trend Micro Research : Articles, News, Reports Trend Micro Research : Ransomware Trend Micro Research : Research
Nathaniel Morales

CrazyHunter Campaign Targets Taiwanese Critical Sectors
https://www.trendmicro.com/en_us/research/25/d/crazyhunter-campaign.html
Research, News, and Perspective urn:uuid:beb8f883-032a-c07c-3a2f-00cf8a5c155f Wed, 16 Apr 2025 00:00:00 +0000
This blog entry details research on emerging ransomware group CrazyHunter, which has launched a sophisticated campaign aimed at Taiwan's essential services.
Trend Micro Research : Endpoints Trend Micro Research : Ransomware Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Maristel Policarpio

ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains
https://www.trendmicro.com/en_us/research/25/d/zdi-23-1527-and-zdi-23-1528-the-potential-impact-of-overly-permi.html
Research, News, and Perspective urn:uuid:b9fcbbdb-39d3-9cad-5e2a-b27c04786f95 Tue, 15 Apr 2025 00:00:00 +0000
In ZDI-23-1527 and ZDI-23-1528 we uncover two possible scenarios where attackers could have compromised the Microsoft PC Manager supply chain.
Trend Micro Research : Cyber Risk Trend Micro Research : Articles, News, Reports Trend Micro Research : Research
Nitesh Surana

Strengthen Security with Cyber Risk Advisory
https://www.trendmicro.com/en_us/research/25/d/cyber-risk-advisory.html
Research, News, and Perspective urn:uuid:690d8095-8768-1c08-ee5c-3f4b35649b5b Tue, 15 Apr 2025 00:00:00 +0000
In today’s fast-paced digital world, cyber threats are constantly evolving. Attackers are leveraging advanced techniques and artificial intelligence (AI) to exploit vulnerabilities, leaving organizations vulnerable to breaches and disruptions. To combat these challenges, organizations must stay vigilant and implement more proactive cybersecurity measures.
This is where our Cyber Risk Advisory service, powered by the Trend Vision One™ Cyber Risk Exposure Management (CREM) solution, steps in to provide a strategic edge.
Trend Micro Research : Cloud Trend Micro Research : Latest News Trend Micro Research : Endpoints Trend Micro Research : Network Trend Micro Research : Articles, News, Reports Trend Micro Research : Data center
Kim Kinahan

Top 10 for LLM & Gen AI Project Ranked by OWASP
https://www.trendmicro.com/en_us/research/25/d/top-llm-gen-ai.html
Research, News, and Perspective urn:uuid:94875dc5-8bf7-814c-44bb-6c3a40d98fdd Tue, 15 Apr 2025 00:00:00 +0000
Trend Micro has become a Gold sponsor of the OWASP Top 10 for LLM and Gen AI Project, merging cybersecurity expertise with OWASP's collaborative efforts to address emerging AI security risks. This partnership underscores Trend Micro's unwavering commitment to advancing AI security, ensuring a secure foundation for the transformative power of AI.
Trend Micro Research : Latest News Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Artificial Intelligence (AI) Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
Kim Kinahan

BPFDoor’s Hidden Controller Used Against Asia, Middle East Targets
https://www.trendmicro.com/en_us/research/25/d/bpfdoor-hidden-controller.html
Research, News, and Perspective urn:uuid:93d61ced-9166-ec9a-329c-5cff00970092 Mon, 14 Apr 2025 00:00:00 +0000
A controller linked to BPF backdoor can open a reverse shell, enabling deeper infiltration into compromised networks. Recent attacks have been observed targeting the telecommunications, finance, and retail sectors across South Korea, Hong Kong, Myanmar, Malaysia, and Egypt.
Trend Micro Research : Malware Trend Micro Research : Endpoints Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Fernando Mercês

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks
https://www.trendmicro.com/en_us/research/25/d/incomplete-nvidia-patch.html
Research, News, and Perspective urn:uuid:a76fd5d5-9025-f2c7-c9bf-547c323d23bf Thu, 10 Apr 2025 00:00:00 +0000
A previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk.
Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Network Trend Micro Research : Articles, News, Reports
Abdelrahman Esmail

Trend Vision One™ Now Supports Azure vTAP
https://www.trendmicro.com/en_us/research/25/d/ndr-supports-azure-vtap.html
Research, News, and Perspective urn:uuid:79b497ab-1a5b-55f2-1cb4-56fefb6834dc Wed, 09 Apr 2025 00:00:00 +0000
Effective April 2025, Microsoft is launching their Azure vTAP and integrating it with Trend Vision One Network Detection and Response solution. This integration allows organizations to gain deep visibility into cloud network traffic without compromising performance. It ensures real-time detection, faster incident response, and an enhanced security posture while reducing operational complexity.
Trend Micro Research : Cloud Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Compliance & Risks Trend Micro Research : Endpoints Trend Micro Research : Artificial Intelligence (AI) Trend Micro Research : Network Trend Micro Research : Security Strategies Trend Micro Research : Articles, News, Reports
Janet Yao

CTEM + CREM: Aligning Your Cybersecurity Strategy
https://www.trendmicro.com/en_us/research/25/d/ctem-crem-cybersecurity-strategy.html
Research, News, and Perspective urn:uuid:adbff737-8dd5-6efd-e87d-e4e8382fc276 Tue, 08 Apr 2025 00:00:00 +0000
Cyber threats evolve daily, and organizations need to move beyond traditional security approaches to stay ahead. That’s why Continuous Threat Exposure Management (CTEM), a concept introduced by Gartner, has been gaining traction. CTEM isn’t just another cybersecurity buzzword; it’s a structured, continuous program designed to help organizations identify, assess, and mitigate security risks proactively. If you’re considering implementing a CTEM program, Trend Vision One™ Cyber Risk Exposure Management (CREM) solution—formerly known as Attack Surface Risk Management (ASRM)—can give you a significant head start.
Trend Micro Research : Cloud Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Expert Perspective Trend Micro Research : Cyber Threats Trend Micro Research : Compliance & Risks Trend Micro Research : Endpoints Trend Micro Research : Network Trend Micro Research : Articles, News, Reports
Alifiya Sadikali

GTC 2025: AI, Security & The New Blueprint
https://www.trendmicro.com/en_us/research/25/d/gtc-ai-security-2025.html
Research, News, and Perspective urn:uuid:0ef3c097-210f-de8d-e175-9e3144a539c8 Mon, 07 Apr 2025 00:00:00 +0000
From quantum leaps to AI factories, GTC 2025 proved one thing: the future runs on secure foundations.
Trend Micro Research : Cloud Trend Micro Research : Artificial Intelligence (AI) Trend Micro Research : Expert Perspective Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
Shannon Murphy

Capacity is Critical in Riskier Threat Landscape
https://www.trendmicro.com/en_us/research/25/d/threat-landscape-capacity.html
Research, News, and Perspective urn:uuid:8508da8d-687e-5dce-b6b7-88b4a8bbae82 Fri, 04 Apr 2025 00:00:00 +0000
International cooperation, reporting, and capacity building are critical to enhance cybersecurity defenses. Effective governance in an increasingly risky landscape requires visibility as well as coordinated vulnerability disclosure.
Trend Micro Research : Cloud Trend Micro Research : Compliance & Risks Trend Micro Research : Artificial Intelligence (AI) Trend Micro Research : Expert Perspective Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
AI Team

The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques
https://www.trendmicro.com/en_us/research/25/c/the-espionage-toolkit-of-earth-alux.html
Research, News, and Perspective urn:uuid:dc7673d8-4c1b-d705-3d1d-cdd764f403a7 Mon, 31 Mar 2025 00:00:00 +0000
The cyberespionage techniques of Earth Alux, a China-linked APT group, are putting critical industries at risk. The attacks, aimed at the APAC and Latin American regions, leverage powerful tools and techniques to remain hidden while stealing sensitive data.
Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Endpoints Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Lenart Bermejo

A Deep Dive into Water Gamayun’s Arsenal and Infrastructure
https://www.trendmicro.com/en_us/research/25/c/deep-dive-into-water-gamayun.html
Research, News, and Perspective urn:uuid:a2d83c91-def5-0b09-595e-1d006d93ed54 Fri, 28 Mar 2025 00:00:00 +0000
Trend Research discusses the delivery methods, custom payloads, and techniques used by Water Gamayun, the suspected Russian threat actor abusing a zero-day vulnerability in the Microsoft Management Console framework (CVE-2025-26633) to execute malicious code on infected machines.
Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Aliakbar Zahravi

Trend Cybertron: Full Platform or Open-Source?
https://www.trendmicro.com/en_us/research/25/c/cybertron-ai-security.html
Research, News, and Perspective urn:uuid:f1990f0a-1a2f-862c-f1d9-6ec1d7bf2523 Thu, 27 Mar 2025 00:00:00 +0000
Previously exclusive to Trend Vision One customers, select Trend Cybertron models, datasets and agents are now available via open-source. Build advanced security solutions and join us in developing the next generation of AI security technology.
Trend Micro Research : Cloud Trend Micro Research : Latest News Trend Micro Research : Web Trend Micro Research : Connected Car Trend Micro Research : Platform Trend Micro Research : Endpoints Trend Micro Research : TM Vision One Platform Trend Micro Research : Articles, News, Reports Trend Micro Research : Social Media Trend Micro Research : Smart Home Trend Micro Research : ASRM Trend Micro Research : Data center Trend Micro Research : ICS OT Trend Micro Research : IoT Trend Micro Research : Mobile Trend Micro Research : Network
Dave McDuff

Trend Micro & IBM Team Up To Boost Mainframe Security
https://www.trendmicro.com/en_us/research/25/c/boost-mainframe-security.html
Research, News, and Perspective urn:uuid:f59e664c-c952-944b-b072-7883b7b8e217 Thu, 27 Mar 2025 00:00:00 +0000
Trend Micro Deep Security adds security for mainframe enterprise integration
Trend Micro Research : Cloud Trend Micro Research : Latest News Trend Micro Research : Compliance & Risks Trend Micro Research : Articles, News, Reports Trend Micro Research : Data center

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin
https://www.trendmicro.com/en_us/research/25/c/cve-2025-26633-water-gamayun.html
Research, News, and Perspective urn:uuid:7fcbdd8f-7681-3ed7-9c3e-ef2be834b378 Tue, 25 Mar 2025 00:00:00 +0000
Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data.
Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Aliakbar Zahravi

Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations
https://www.trendmicro.com/en_us/research/25/c/albabat-ransomware-group.html
Research, News, and Perspective urn:uuid:1deccbab-21fa-5c36-5278-8cc5033cbc17 Fri, 21 Mar 2025 00:00:00 +0000
Trend Research encounters new versions of the Albabat ransomware, which appears to target Windows, Linux, and macOS devices. We also reveal the group’s use of GitHub to streamline their ransomware operation.
Trend Micro Research : Endpoints Trend Micro Research : Ransomware Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Nathaniel Morales

ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns
https://www.trendmicro.com/en_us/research/25/c/windows-shortcut-zero-day-exploit.html
Research, News, and Perspective urn:uuid:8714d1f4-0dab-9114-e42d-b332dbbf3c2d Tue, 18 Mar 2025 00:00:00 +0000
Trend Zero Day Initiative™ (ZDI) uncovered both state-sponsored and cybercriminal groups extensively exploiting ZDI-CAN-25373 (aka ZDI-25-148), a Windows .lnk file vulnerability that enables hidden command execution.
Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Peter Girnus

SocGholish’s Intrusion Techniques Facilitate Distribution of RansomHub Ransomware
https://www.trendmicro.com/en_us/research/25/c/socgholishs-intrusion-techniques-facilitate-distribution-of-rans.html
Research, News, and Perspective urn:uuid:9b8c4fc2-34b3-6363-fef1-fe478bdf5846 Fri, 14 Mar 2025 00:00:00 +0000
Trend Research analyzed SocGholish’s MaaS framework and its role in deploying RansomHub ransomware through compromised websites, using highly obfuscated JavaScript loaders to evade detection and execute various malicious tasks.
Trend Micro Research : Malware Trend Micro Research : Endpoints Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Adam O'Connor

AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
https://www.trendmicro.com/en_us/research/25/c/ai-assisted-fake-github-repositories.html
Research, News, and Perspective urn:uuid:c51982da-fcf2-5023-8a1d-48319ef870fa Tue, 11 Mar 2025 00:00:00 +0000
In this blog entry, we uncovered a campaign that uses fake GitHub repositories to distribute SmartLoader, which is then used to deliver Lumma Stealer and other malicious payloads. The campaign leverages GitHub’s trusted reputation to evade detection, using AI-generated content to make fake repositories appear legitimate.
Trend Micro Research : Endpoints Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
Cj Arsley Mateo

From Event to Insight: Unpacking a B2B Business Email Compromise (BEC) Scenario
https://www.trendmicro.com/en_us/research/25/c/from-event-to-insight.html
Research, News, and Perspective urn:uuid:bda21144-e6f1-939b-937b-1a8844d92521 Wed, 05 Mar 2025 00:00:00 +0000
Trend Micro™ Managed XDR assisted in an investigation of a B2B BEC attack that unveiled an entangled mesh woven by the threat actor with the help of a compromised server, ensnaring three business partners in a scheme that spanned days. This article features investigation insights, a proposed incident timeline, and recommended security practices.
Trend Micro Research : Web Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
Jay Yaneza

Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security
https://www.trendmicro.com/en_us/research/25/c/exploiting-deepseek-r1.html
Research, News, and Perspective urn:uuid:9b08f94f-51e0-28e8-6e1d-f14284041950 Tue, 04 Mar 2025 00:00:00 +0000
This entry explores how the Chain of Thought reasoning in the DeepSeek-R1 AI model can be susceptible to prompt attacks, insecure output generation, and sensitive data theft.
Trend Micro Research : Research Trend Micro Research : Artificial Intelligence (AI) Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Risk Trend Micro Research : Cyber Threats
Trent Holmes

Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal
https://www.trendmicro.com/en_us/research/25/b/black-basta-cactus-ransomware-backconnect.html
Research, News, and Perspective urn:uuid:05bb0114-5917-e495-332e-e6e5a21cd2ff Mon, 03 Mar 2025 00:00:00 +0000
In this blog entry, we discuss how the Black Basta and Cactus ransomware groups utilized the BackConnect malware to maintain persistent control and exfiltrate sensitive data from compromised machines.
Trend Micro Research : Latest News Trend Micro Research : Malware Trend Micro Research : Ransomware Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Catherine Loveria

Updated Shadowpad Malware Leads to Ransomware Deployment
https://www.trendmicro.com/en_us/research/25/b/updated-shadowpad-malware-leads-to-ransomware-deployment.html
Research, News, and Perspective urn:uuid:c393e3c4-4e87-1e44-e2c0-bf3e1173b2ba Thu, 20 Feb 2025 00:00:00 +0000
In this blog, we discuss how Shadowpad is being used to deploy a new undetected ransomware family.
They deploy the malware exploiting weak passwords and bypassing multi-factor authentication.
Trend Micro Research : Malware Trend Micro Research : Endpoints Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Daniel Lunghi

Earth Preta Mixes Legitimate and Malicious Components to Sidestep Detection
https://www.trendmicro.com/en_us/research/25/b/earth-preta-mixes-legitimate-and-malicious-components-to-sidestep-detection.html
Research, News, and Perspective urn:uuid:c5720b0c-196b-4c49-0977-4013a70d888a Tue, 18 Feb 2025 00:00:00 +0000
Our Threat Hunting team discusses Earth Preta’s latest technique, in which the APT group leverages MAVInject and Setup Factory to deploy payloads, bypass ESET antivirus, and maintain control over compromised systems.
Trend Micro Research : Latest News Trend Micro Research : Articles, News, Reports Trend Micro Research : Research
Nathaniel Morales

Chinese-Speaking Group Manipulates SEO with BadIIS
https://www.trendmicro.com/en_us/research/25/b/chinese-speaking-group-manipulates-seo-with-badiis.html
Research, News, and Perspective urn:uuid:66269b3d-b8ec-2f63-5a65-5d5cd840d996 Fri, 07 Feb 2025 00:00:00 +0000
This blog post details our analysis of an SEO manipulation campaign targeting Asia. We also share recommendations that can help enterprises proactively secure their environment.
Trend Micro Research : Malware Trend Micro Research : Web Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Ted Lee

CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks
https://www.trendmicro.com/en_us/research/25/a/cve-2025-0411-ukrainian-organizations-targeted.html
Research, News, and Perspective urn:uuid:d7fcc4f4-6b09-2e0c-6276-e90accf96a5b Tue, 04 Feb 2025 00:00:00 +0000
The Trend ZDI team offers an analysis on how CVE-2025-0411, a zero-day vulnerability in 7-Zip, was actively exploited to target Ukrainian organizations in a SmokeLoader campaign involving homoglyph attacks.
Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports
Peter Girnus

Native Sensors vs. Integrations for XDR Platforms?
https://www.trendmicro.com/en_us/research/25/b/native-sensors-integrations-xdr-platform.html
Research, News, and Perspective urn:uuid:1c5621d3-1218-6ee1-1a70-0489dc8bde01 Mon, 03 Feb 2025 00:00:00 +0000
Native sensors vs. integrations in XDR: Native sensors offer faster deployment, real-time detection, and deeper visibility, while integrations may add complexity and delays. Learn how to optimize your XDR strategy for improved security.
Trend Micro Research : Endpoints Trend Micro Research : Articles, News, Reports Trend Micro Research : Expert Perspective
Chris LaFleur

Future of Cybersecurity: Will XDR Reshape SIEM & SOAR?
https://www.trendmicro.com/en_us/research/25/a/xdr-siem-soar.html
Research, News, and Perspective urn:uuid:5e37d4ee-abd3-8f3a-276a-ce3f4592b9a9 Fri, 31 Jan 2025 00:00:00 +0000
XDR is reshaping cybersecurity by unifying and enhancing SIEM and SOAR capabilities into a single platform. It addresses alert fatigue, improves incident correlation, simplifies operations, and enhances efficiency for SOC teams.
Trend Micro Research : Cloud Trend Micro Research : Cyber Crime Trend Micro Research : Expert Perspective Trend Micro Research : Cyber Threats Trend Micro Research : Compliance & Risks Trend Micro Research : Endpoints Trend Micro Research : Network Trend Micro Research : Articles, News, Reports
Chris LaFleur

Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response
https://www.trendmicro.com/en_us/research/25/a/lumma-stealers-github-based-delivery-via-mdr.html
Research, News, and Perspective urn:uuid:548f2f59-b0d4-bfbf-f9c2-d87d6d5fa291 Thu, 30 Jan 2025 00:00:00 +0000
The Managed XDR team investigated a sophisticated campaign distributing Lumma Stealer through GitHub, where attackers leveraged the platform's release infrastructure to deliver malware such as SectopRAT, Vidar, and Cobeacon.
Trend Micro Research : Malware Trend Micro Research : Endpoints Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
Buddy Tancio

NDR: Not Just a "Nice to Have" Anymore
https://www.trendmicro.com/en_us/research/25/a/network-detection-response-ndr.html
Research, News, and Perspective urn:uuid:1c344145-0371-acfb-8495-34000816ae77 Thu, 30 Jan 2025 00:00:00 +0000
Network Detection and Response (NDR) is no longer a 'nice-to-have'—it’s essential. NDR complements EDR, accelerates incident response, and enhances visibility, making it a critical tool for modern cybersecurity strategies and service providers.
Trend Micro Research : Cloud Trend Micro Research : Cyber Crime Trend Micro Research : Expert Perspective Trend Micro Research : Cyber Threats Trend Micro Research : Compliance & Risks Trend Micro Research : Endpoints Trend Micro Research : Network Trend Micro Research : Articles, News, Reports
Chris LaFleur

ASRM: A New Pillar for Cyber Insurance Underwriting
https://www.trendmicro.com/en_us/research/25/a/asrm-cyber-insurance-underwriting.html
Research, News, and Perspective urn:uuid:421c88ba-1b6b-31d3-53a8-a881cdd0549f Wed, 29 Jan 2025 00:00:00 +0000
ASRM transforms cyber insurance underwriting by integrating real-time risk assessments, advanced tools (NDR, EDR, Cloud Security, MDR), and proactive mitigation strategies to improve accuracy, reduce claims, and build trust.
Trend Micro Research : Cloud Trend Micro Research : Cyber Crime Trend Micro Research : Expert Perspective Trend Micro Research : Cyber Threats Trend Micro Research : Compliance & Risks Trend Micro Research : Endpoints Trend Micro Research : Network Trend Micro Research : Articles, News, Reports
Chris LaFleur

Trend Micro and CISA Secure-By-Design Pledge
https://www.trendmicro.com/en_us/research/25/a/cisa-secure-design-pledge.html
Research, News, and Perspective urn:uuid:cbe9de5f-457d-1034-c63f-0b1f3b8dc323 Thu, 23 Jan 2025 00:00:00 +0000
Trend’s support reaffirms dedication to safeguarding products and customers
Trend Micro Research : Cloud Trend Micro Research : Compliance & Risks Trend Micro Research : Security Strategies Trend Micro Research : Articles, News, Reports

Invisible Prompt Injection: A Threat to AI Security
https://www.trendmicro.com/en_us/research/25/a/invisible-prompt-injection-secure-ai.html
Research, News, and Perspective urn:uuid:82ec137d-6724-576d-02bd-64a68c66e576 Wed, 22 Jan 2025 00:00:00 +0000
This article explains invisible prompt injection, including how it works, an attack scenario, and how users can protect themselves.
Trend Micro Research : Cloud Trend Micro Research : Cyber Crime Trend Micro Research : Expert Perspective Trend Micro Research : Cyber Threats Trend Micro Research : Endpoints Trend Micro Research : Artificial Intelligence (AI) Trend Micro Research : Articles, News, Reports
Ian Ch Liu

IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024
https://www.trendmicro.com/en_us/research/25/a/iot-botnet-linked-to-ddos-attacks.html
Research, News, and Perspective urn:uuid:91d24361-10d0-6233-7629-11a5f89bf93d Fri, 17 Jan 2025 00:00:00 +0000
Since the end of 2024, we have been continuously monitoring large-scale DDoS attacks orchestrated by an IoT botnet exploiting vulnerable IoT devices such as wireless routers and IP cameras.
Trend Micro Research : Malware Trend Micro Research : IoT Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats
Trend Micro Research

Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
https://www.trendmicro.com/en_us/research/25/a/investigating-a-web-shell-intrusion-with-trend-micro--managed-xd.html
Research, News, and Perspective urn:uuid:422bf28a-7197-e34e-3f43-61e8c022c527 Tue, 14 Jan 2025 00:00:00 +0000
This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data.
Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Risk Management
Stephen Carbery

World Tour Survey: Cloud Engineers Wrestle with Risk
https://www.trendmicro.com/en_us/research/25/a/world-tour-cybersecurity-survey-2024.html
Research, News, and Perspective urn:uuid:1de15b2f-0429-e085-058f-8545156a0287 Mon, 13 Jan 2025 00:00:00 +0000
Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what cloud security engineers had to say.
Trend Micro Research : Cloud Trend Micro Research : Cyber Crime Trend Micro Research : Web Trend Micro Research : Research Trend Micro Research : Cyber Threats Trend Micro Research : Compliance & Risks Trend Micro Research : Network Trend Micro Research : Articles, News, Reports