Nowe aktualizacje
- 09 de października de 2023In our research, we demonstrate how easy it is to discover insecure deployments of MQTT, how to identify customers of these insecure deployments, what data is being transmitted, and explore how an attacker can potentially misuse the data or abuse the insecurity of MQTT brokers.
- 21 de września de 2023We delve into three of the most active ransomware families that dominated the first half of 2023: LockBit, Clop, and BlackCat. This report features data from ransomware-as-a-service (RaaS) and extortion groups’ leak sites, Trend Micro’s open-source intelligence (OSINT) research, and the Trend Micro™ Smart Protection Network™, collected from Jan. 1 to June 30, 2023.
- 24 de sierpnia de 2023In our previous entry, we examined how credentials were being stored and logged in cleartext on compute instances (CIs) created in Azure Machine Learning (AML) service and the risks posed by the same. This article examines an information disclosure bug we found in one of the cloud agents used in the AML service and sheds light on the importance of threat modeling the agents’ features to uncover silent and hidden attack surfaces.
- 15 de sierpnia de 2023This report discusses the state of generative artificial intelligence (AI) in the cybercriminal underground: how cybercriminals are using ChatGPT, how they're adding ChatGPT features to their criminal products, and how they’re trying to remove censorship to ask ChatGPT anything.