Trend Micro Research : APT & Targeted Attacks

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Research /

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks 2024-03-18 at 12:02 By Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa. This article is an excerpt from Trend Micro Research, News and […]

React to this headline:

Loading spinner

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks Read More »

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Ransomware /

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities 2024-02-27 at 10:18 By This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry. This

React to this headline:

Loading spinner

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities Read More »

Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Research /

Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections 2024-02-26 at 08:42 By During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to

React to this headline:

Loading spinner

Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections Read More »

Earth Preta Campaign Uses DOPLUGS to Target Asia

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Research /

Earth Preta Campaign Uses DOPLUGS to Target Asia 2024-02-20 at 11:55 By In this blog entry, we focus on Earth Preta’s campaign that employed a variant of the DOPLUGS malware to target Asian countries. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Earth Preta Campaign Uses DOPLUGS to Target Asia Read More »

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Phishing, Trend Micro Research : Research /

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets 2024-01-31 at 10:02 By Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted. This

React to this headline:

Loading spinner

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets Read More »

Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Malware, Trend Micro Research : Research /

Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant 13/10/2023 at 11:02 By Almost a year after Void Rabisu shifted its targeting from opportunistic ransomware attacks with an emphasis on cyberespionage, the threat actor is still developing its main malware, the ROMCOM backdoor. This article is an excerpt from Trend Micro Research, News

React to this headline:

Loading spinner

Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant Read More »

APT34 Deploys Phishing Attack With New Malware

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Network, Trend Micro Research : Phishing /

APT34 Deploys Phishing Attack With New Malware 29/09/2023 at 12:17 By We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to

React to this headline:

Loading spinner

APT34 Deploys Phishing Attack With New Malware Read More »

Examining the Activities of the Turla APT Group

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Network /

Examining the Activities of the Turla APT Group 22/09/2023 at 13:02 By We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group. This article is an excerpt from Trend Micro Research, News

React to this headline:

Loading spinner

Examining the Activities of the Turla APT Group Read More »

Attacks on 5G Infrastructure From Users’ Devices

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : ICS OT, Trend Micro Research : IoT, Trend Micro Research : Malware, Trend Micro Research : Mobile, Trend Micro Research : Network, Trend Micro Research : Privacy & Risks /

Attacks on 5G Infrastructure From Users’ Devices 20/09/2023 at 11:03 By Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed,

React to this headline:

Loading spinner

Attacks on 5G Infrastructure From Users’ Devices Read More »

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Malware, Trend Micro Research : Research /

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement 18/09/2023 at 14:32 By While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor’s server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we’ve dubbed SprySOCKS due to its swift behavior and

React to this headline:

Loading spinner

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement Read More »

Earth Estries Targets Government, Tech for Cyberespionage

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Network /

Earth Estries Targets Government, Tech for Cyberespionage 30/08/2023 at 12:46 By We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments and organizations in the

React to this headline:

Loading spinner

Earth Estries Targets Government, Tech for Cyberespionage Read More »

Detecting BPFDoor Backdoor Variants Abusing BPF Filters

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : IoT, Trend Micro Research : Malware, Trend Micro Research : Network /

Detecting BPFDoor Backdoor Variants Abusing BPF Filters 13/07/2023 at 13:02 By An analysis of advanced persistent threat (APT) group Red Menshen’s different variants of backdoor BPFDoor as it evolves since it was first documented in 2021. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Detecting BPFDoor Backdoor Variants Abusing BPF Filters Read More »

SeroXen Incorporates Latest BatCloak Engine Iteration

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : IoT, Trend Micro Research : Malware, Trend Micro Research : Phishing, Trend Micro Research : Privacy & Risks, Trend Micro Research : Spam /

SeroXen Incorporates Latest BatCloak Engine Iteration 15/06/2023 at 12:16 By We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s

React to this headline:

Loading spinner

SeroXen Incorporates Latest BatCloak Engine Iteration Read More »

Behind the Scenes: Unveiling the Hidden Workings of Earth Preta

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Research /

Behind the Scenes: Unveiling the Hidden Workings of Earth Preta 14/06/2023 at 15:00 By This blog entry discusses the more technical details on the most recent tools, techniques, and procedures (TTPs) leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor. This article

React to this headline:

Loading spinner

Behind the Scenes: Unveiling the Hidden Workings of Earth Preta Read More »

Attack on Security Titans: Earth Longzhi Returns With New Tricks

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Research /

Attack on Security Titans: Earth Longzhi Returns With New Tricks 07/05/2023 at 18:25 By After months of dormancy, Earth Longzhi, a subgroup of advanced persistent threat (APT) group APT41, has reemerged using new techniques in its infection routine. This blog entry forewarns readers of Earth Longzhi’s resilience as a noteworthy threat. This article is an

React to this headline:

Loading spinner

Attack on Security Titans: Earth Longzhi Returns With New Tricks Read More »

Scroll to Top