Despite being unknown even to industry practitioners, the Data Distribution Service (DDS) protocol has been in use for more than a decade. This middleware software technology is responsible for running billions of public and private devices and mechanisms currently in use. DDS is integral in embedded systems that require real-time machine-to-machine communication, facilitating a reliable…
Trend Micro Threat Research observed active exploitation of the Spring4Shell vulnerability assigned as CVE-2022-22965, which allows malicious actors to weaponize and execute the Mirai botnet malware. The exploitation allows threat actors to download the Mirai sample to the “/tmp” folder and execute them after permission change using “chmod”. We began seeing malicious activities at the…
As the cyber attack surface continues to rapidly expand, enterprises need a security solution that can help organizations to better understand, communicate, and mitigate cyber risk across their entire IT ecosystem. And with many offerings on the market, choosing the right product can be challenging. CISOs can make a more informed decision by leveraging the…
The digital transformations that had enabled many enterprises to stay afloat amid the Covid-19 health crisis also brought about major upheavals in cybersecurity, the impact of which was still widely felt in 2021. Trend Micro detected and blocked more than 94 billion threats over the course of last year, keeping pace with malicious actors who…
Coinminers are one of the more profitable types of malware for malicious actors, and they require little maintenance once installed on a victim’s device. The malicious actor can have a coinminer masquerade itself as a legitimate app, trick susceptible users into running it on their systems, and just wait for the profits to roll in….
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about the Samba vulnerability discovered by Trend Micro. Also, read about the White House’s warning of Russian hacks as tensions with Ukraine grow. The Samba Vulnerability: What is…
In June 2020, OpenAI released version 3 of its Generative Pre-trained Transformer (GPT-3), a natural language transformer that took the tech world by storm with its uncanny ability to generate text seemingly written by humans. But GPT-3 was also trained on computer code, and recently OpenAI released a specialized version of its engine, named Codex,…
If there existed a prize for the most pervasive, critical, and least-known middleware technology, the Data Distribution Service (DDS) standard would certainly win it. When we first presented the results of this research at the Black Hat Europe Briefings, the audience appeared to be completely unaware (embarrassed, even) that the DDS drives railways, autonomous cars,…
It has been some time since SMS or text messaging has become a means to spread mobile malware. In September 2021, Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The chain is triggered by a smishing message that appears to be sent from a telecommunications company. It is…
Coronavirus has caused a major shift to our working patterns. In many cases these will long outlast the pandemic. But working from home has its own risks. One is that you may invite ransomware attacks from a new breed of cyber-criminal who has previously confined his efforts to directly targeting the corporate network. Why? Because…