Trend Micro Research: Articles, News, Reports

ParaSiteSnatcher: How Malicious Chrome Extensions Target Brazil

23/11/2023 at 11:31

We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage the Google Chrome API to monitor, intercept, and exfiltrate victim data. This article is an excerpt from Trend Micro Research, News and Perspectives.


Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing

22/11/2023 at 10:11

The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.


CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

20/11/2023 at 12:17

We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and a cryptocurrency miner.


ALPHV/BlackCat Take Extortion Public

17/11/2023 at 21:47

Learn more about ALPHV filing a complaint with the Securities and Exchange Commission (SEC) against their victim, which appears to be an attempt to pressure MeridianLink into paying the ransom sooner rather than later.


Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

10/11/2023 at 13:18

We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations.


Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting

09/11/2023 at 12:01

We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.


Zero Day Threat Protection for Your Network

06/11/2023 at 11:32

Explore the world of zero-day threats and gain valuable insight into the importance of proactive detection and remediation.


How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime

27/10/2023 at 12:50

This report explores the Kopeechka service and gives a detailed technical analysis of the service's features and capabilities and how it can help cybercriminals achieve their goals.


Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

24/10/2023 at 06:43

In the second part of this series, we examine how attackers can trigger vulnerabilities by sending control messages masquerading as user traffic to cross over from the user plane to the control plane.


Beware: Lumma Stealer Distributed via Discord CDN

16/10/2023 at 11:31

This blog discusses how threat actors abuse Discord's content delivery network (CDN) to host and spread Lumma Stealer, and describes capabilities added to the information-stealing malware.


Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant

13/10/2023 at 11:02

Almost a year after Void Rabisu shifted its targeting from opportunistic ransomware attacks to an emphasis on cyberespionage, the threat actor is still developing its main malware, the ROMCOM backdoor.


Exposing Infection Techniques Across Supply Chains and Codebases

05/10/2023 at 12:47

This entry delves into the intricate methods threat actors use to implant malicious payloads within seemingly legitimate applications and codebases.


APT34 Deploys Phishing Attack With New Malware

29/09/2023 at 12:17

We observed and tracked the advanced persistent threat (APT) group APT34 using a new malware variant, accompanying a phishing attack, that is comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to


Examining the Activities of the Turla APT Group

22/09/2023 at 13:02

We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group.


Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign

21/09/2023 at 20:01

This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud.


Attacks on 5G Infrastructure From Users’ Devices

20/09/2023 at 11:03

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sector use for their daily operations depend on the speed,


Unsung Hero in Cyber Risk Management

19/09/2023 at 20:49

Behind the scenes of the world of vulnerability intelligence and threat hunting.


Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement

18/09/2023 at 14:32

While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor's server: a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we've dubbed SprySOCKS due to its swift behavior and


RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

13/09/2023 at 14:01

In this blog, we investigate how threat actors used information-stealing malware signed with EV code signing certificates and later delivered ransomware payloads to their victims via the same delivery method.


TrickBot & Conti Sanctions: Implications for CISOs & Boardrooms

09/09/2023 at 01:01

Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals means for CISOs and board members.
