Search

Description Name: CVE-2020-0688 - Microsoft Exchange Validation Key Remote Code Execution - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movem...

This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed by a user. This

This Worm arrives by connecting affected removable drives to a system. It arrives by accessing affected shared networks. It arrives on a system as a file dropped by other malware or as a file

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not

This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It exploits software vulnerabilities to propagate to other

This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It gathers certain information on the affected

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. It avoids encrypting

This Worm executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Arrival Details This malware arrives via the following means:

This Worm executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Arrival Details This malware arrives via the following means:

Description Name: CVE-2022-41082 - MS EXCHANGE POWERSHELL RCE EXPLOIT - HTTP(REQUEST) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiti...

Description Name: CVE-2022-41040 - MS Exchange Server Side Request Forgery Exploit- HTTP(REQUEST) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this ...

Description Name: CVE-2022-37958 - MS WINDOWS NEGOEX REQUEST - SMB2 (Exploit) . This is Trend Micro detection for SMB2 network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this ...

* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services 1009801* - Microsoft Windows NTLM Elevation Of Privilege Vulnerability (CVE-2019-1040) 1010025* - Microsoft

This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Hacking Tool arrives on a

certificate file for printing. The mail contains an MS Excel file. Upon opening the attachment, it executes a macro that downloads other files. This malicious macro is blocked and detected by Trend Micro

with malware attachments in the form of a malicious MS Excel macro. Both are detected as variants of X2KM_LOCKY and X2KM_DLOADR. Spam filtering helps block these kinds of emails. Users are advised to

Trojan.JS.FLEMSDUCK.YPAD-A. Once infected with the malware, it has its own mailer script that it uses to propagate to other recipients. It does this by scraping the user's MS Outlook contact list and sends emails with the