Importance of Scanning Files on Uploader Applications
In the digital age, the ability to upload files is a common feature in many applications, as it allows users...
Trend Micro Research : Exploits & Vulnerabilities
Why a Cloud Security Platform Approach is Critical
Why a Cloud Security Platform Approach is Critical | Trend Micro (US) Content has been added to your Folio Go...
TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
Executing domain discovery and persistence commands Aside from malware deployment, we have also seen several attempts to discover network infrastructure...
Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk
Jenkins Args4j CVE-2024-23897 Files Exposed Code at Risk | Trend Micro (US) Content has been added to your Folio Go...
Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities
Threat actors exploiting other remote management tools We also saw threat actors deploying different remote management tools, such as another...
Exploring Changing SOC Landscapes
The SANS Institute's annual SOC Survey is a pivotal source of information for the cybersecurity community. In its seventh iteration,...
Global Cybersecurity Trends: AI, Geopolitical Risks, and Zero Trust
In the dynamic field of cybersecurity, the evolving trends of 2022, 2023, and the anticipated predictions for 2024 paint a...
SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes
On Feb. 13, 2024, Microsoft issued a patch for CVE-2024-21412, a Microsoft Defender SmartScreen zero-day vulnerability revolving around internet shortcuts....
CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day
Once the malware registers its victim, it then initiates a listener for incoming TCP connections, waiting to receive commands from...
Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code…
Object-Graph Navigation Language (OGNL) is an open-source component of many web applications, known for its role in the infamous Equifax...
Unifying Cloud Security Beyond Siloes
The cloud workload security (CWS) market has been rapidly consolidating capabilities like cloud infrastructure entitlement management (CIEM), cloud security posture...
Pawn Storm Uses Brute Force and Stealth Against High-Value Targets
Introduction Pawn Storm (also known as APT28 and Forest Blizzard) is an advanced persistent threat (APT) actor that shows incessant...
18X a Leader in Gartner Magic Quadrant for EPP
The Endpoint Threat and Technology Landscape is Changing Threat actor groups, insider threats, and nation state actors are developing and...
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign
Defense evasion by exploiting CVE-2023-36025 Once the malicious .url file exploiting CVE-2023-36025 is executed, it connects to an attacker-controlled server...
Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit
Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit Content has been added to your Folio Go to Folio (0)...
