Trend Micro
Law firms under cyberattack
In April 2023, Australian law firm HWL Ebsworth was hit by a cyberattack that possibly resulted in data of hundreds of its clients and dozens of government agencies being …
June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange
For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly …
Incorporating cloud security teams into the SOC enhances operational efficiencies
Security leaders are recognizing that cloud and the way cloud security teams work today are becoming increasingly critical to business and IT operations, according to Trend …
Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)
For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass …
Organizations brace for cyber attacks despite improved preparedness
Cyber-risk levels have improved from “elevated” to “moderate” for the first time, but insiders represent a persistent threat for global organizations, …
PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates
Clop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro …
PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)
An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application …
Microsoft patches zero-day exploited by attackers (CVE-2023-28252)
It’s April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day (CVE-2023-28252). About …
Criminal businesses adopt corporate behavior as they grow
As criminal groups increase in size, they adopt corporate-like behavior, but this shift brings about its own set of challenges and costs, according to Trend Micro. “The …
3CX supply chain attack: What do we know?
Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …
3CX customers targeted via trojanized desktop app
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …
Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)
It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …