PurpleFox Adds New Backdoor That Uses WebSockets

Trend Micro – In September 2021, the Trend Micro Managed XDR (MDR) team looked into suspicious activity related…

Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One

Trend Micro – A more detailed explanation of this chain and the specific techniques observed in this campaign can be found in our tech brief. We used…

Ransomware Operators Found Using New “Franchise” Business Model

Trend Micro – Shared infrastructure: To date, we have found fifteen onion addresses used by at least four different servers, and three others still unknown. Onion Address…

October Patch Tuesday: 3 Critical Bulletins Among 71

Trend Micro – The October 2021 Patch Tuesday continues the quiet streak observed for the months of August and September. Out of 71 bulletins, only three were rated Critical this month. The list also included a fix…

FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal

Trend Micro – Trend Micro detected a new campaign using a recent version…

Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising

Trend Micro

Threat Actors Exploit Misconfigured Apache Hadoop YARN

Trend Micro