Search
Keyword: unauthorized file encryption
Description Name: CVE-2024-1709 - ConnectWise ScreenConnect Authentication Bypass Exploit - HTTP (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Move...
Description Name: CVE-2023-41265 - QLIK Request Tunneling Exploit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting ...
Description Name: CVE-2023-32315 - Ignite Realtime Openfire Directory Traversal Exploit - HTTP (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Moveme...
Description Name: CVE-2024-4956 - Nexus Repository 3 Path Traversal Exploit - HTTP (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host ...
Description Name: CVE-2024-20767 - Cold Fusion Directory Traversal Exploit - HTTP (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host e...
Description Name: CVE-2024-38856 - APACHE OFBIZ RCE EXPLOIT - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this t...
Description Name: CVE-2024-4883 - Progress WhatsUp Gold Traversal Exploit - TCP (Request) . This is Trend Micro detection for TCP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhib...
Description Name: CVE-2024-3400 - Palo Alto Command Injection Exploit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibit...
Description Name: CVE-2023-48788 - FortiClientEMS SQL Injection Exploit - TCP (Request) . This is Trend Micro detection for TCP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibit...
Description Name: CVE-2024-4879 - ServiceNow Template Injection Exploit - HTTP (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhi...
Description Name: CVE-2024-38112 - MSHTML RCE EXPLOIT - SMB2 (REQUEST) . This is Trend Micro detection for SMB2 network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of...
Description Name: CVE-2024-4885 - WHATSUP GOLD TRAVERSAL EXPLOIT - HTTP (REQUEST) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting t...
This variant of PETYA ransomware is involved in the ongoing attack campaign that Trend Micro discovered late June 2017 . Along with encryption capabilities it also has the ability to steal login
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions. It
unauthorized use of the stolen data. Installation This Trojan creates the following folders: %Application Data%\{random1} %Application Data%\{random2} (Note: %Application Data% is the current user's Application
the user's account information, which may then lead to the unauthorized use of the stolen data. It attempts to steal information, such as user names and passwords, used when logging into certain banking
unauthorized use of the stolen data. It attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. It checks for the presence of the
unauthorized use of the stolen data. It attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. It checks for the presence of the
2003, or C:\Users\{user name} on Windows Vista and 7.) It drops the following files: %User Profile%\Documents\decrpt.dll -> encryption key (Note: %User Profile% is the current user's profile folder, which
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive