Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence
Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor.
Trend Micro is a cybersecurity company whose research and products address malware, vulnerabilities, cloud risks, and cyberattacks.
Search across headline titles and summaries.
Background for this topic.
Trend Micro is a cybersecurity vendor whose products protect endpoints, email, networks, cloud workloads, and consumer devices. It also publishes threat intelligence and vulnerability research. News under this tag may therefore concern security software vulnerabilities, product updates, malware campaigns, or research that helps defenders identify and investigate attacks.
For security teams, the vendor’s agents and management consoles can have broad access to systems, so flaws in them may enable tampering, privilege escalation, or evasion of detection; reviewing advisories and applying supported updates is important. Detection rules and threat reports should be tested against internal telemetry before being used for blocking or incident response. Organizations using hosted services should also assess what endpoint or network data is collected, how long it is retained, who can access it, and whether those practices meet privacy and contractual requirements.
Weekly headline count for the current query.
Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor.
The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.
This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.
Follina was all very exciting, but did you patch CVE-2022-30136? Trend Micro Research has published an anatomy of a Windows remote code execution vulnerability lurking in the Network File System.…
We provide a guide to detecting Dirty Pipe, a Linux kernel vulnerability tracked as CVE-2022-0847.
This blog discusses how CVE-2021-4034 can be detected and blocked using Trend Micro™ Vision One™ and Trend Micro Cloud One™.