By David Fiser (Senior Cyber Threat Researcher) Jenkins is a widely used open-source automation server that allows DevOps developers to build, test, and deploy software efficiently and reliably. In order to make the most out of Jenkins’ modular architecture, developers make use of plugins that help extend its core features, allowing them to expand the… Continue reading Hiding in Plain Text: Jenkins Plugin Vulnerabilities
Month: August 2019
‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information
By Jindrich Karasek (Threat Researcher) Despite having an apparent lull in the first half of 2019, phishing will remain a staple in a cybercriminal’s arsenal, and they’re not going to stop using it. The latest example is a phishing campaign dubbed Heatstroke, based on a variable found in their phishing kit code. Heatstroke demonstrates how… Continue reading ‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information
Three Common Email Security Mistakes That MSPs Make
MSPs can generate recurring revenue by being proactive about educating customers about email threats and how to defeat them—if they avoid three common mistakes. Businesses have come to rely on cloud email and file-sharing applications for communication and productivity. But, too often, they assume these platforms’ built-in security delivers enough protection against email-borne… Continue reading Three Common Email Security Mistakes That MSPs Make
TA505 At It Again: Variety is the Spice of ServHelper and FlawedAmmyy
By Hara Hiroaki, Jaromir Horejsi, and Loseway Lu (Threats Analysts) TA505 continues to show that as a cybercriminal group, they intend to wreak as much havoc while maximizing potential profits. Given the group’s active campaigns since our updates in June and July, we continued following their latest campaigns. Just like in previous operations, they continue… Continue reading TA505 At It Again: Variety is the Spice of ServHelper and FlawedAmmyy
Trend Micro Named A Leader in 2019 Gartner Magic Quadrant for Endpoint Protection Platforms
Leadership. It’s a weighty term, although frequently it is used too lightly and all too often it’s a self-declared position. We believe, leaders can come and go, and leadership can be fleeting depending on the factors for long term success. It is for all these reasons, that we are proud, not only to be in… Continue reading Trend Micro Named A Leader in 2019 Gartner Magic Quadrant for Endpoint Protection Platforms
Asruex Backdoor Variant Infects Word Documents and PDFs Through Old MS Office and Adobe Vulnerabilities
By Ian Mercado and Mhica Romero Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old… Continue reading Asruex Backdoor Variant Infects Word Documents and PDFs Through Old MS Office and Adobe Vulnerabilities
The Sky Has Already Fallen (you just haven’t seen the alert yet)
Of course, the much-touted “Cybersecurity Skills Shortage” isn’t news to anyone, or it shouldn’t be. For seven or more years, journalists, industry analysts and practitioners have been opining about it one way or another. Analyses and opinions vary on how we have reached this impasse, my own being that this is a largely self-inflicted crisis… Continue reading The Sky Has Already Fallen (you just haven’t seen the alert yet)
How Do Threats Align With Detection And Solutions?
There are many different threats targeting many different areas of a corporate network. Have you ever wondered how those threats are stopped? What threats impact which areas of a network? What technology detects and blocks those threats? I wanted to build an interactive graphic to answer those questions. This interactive infographic can help you understand… Continue reading How Do Threats Align With Detection And Solutions?
This Week in Security News: Phishing Campaigns and a Biometric Data Breach
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about ever-increasing amounts of phishing campaigns and how Trend Micro caught 2.4 million attacks of this type — a 59% increase from 1.5 million in the… Continue reading This Week in Security News: Phishing Campaigns and a Biometric Data Breach
Uncovering a MyKings Variant With Bootloader Persistence via Managed Detection and Response
by Miguel Ang, Erika Mendoza and Buddy Tancio In May, during the Managed Detection and Response service on-boarding process of an electronics company in the Asia-Pacific region, we noticed suspicious activity via the Trend Micro Deep Discovery Inspector that turned out to be related to EternalBlue, an exploit perhaps more popularly known for being used in… Continue reading Uncovering a MyKings Variant With Bootloader Persistence via Managed Detection and Response