LockBit Attempts to Stay Afloat With a New Version 2024-02-22 at 10:02 By This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulting in the undermining of its operations. This article is an excerpt […]
React to this headline:
LockBit Attempts to Stay Afloat With a New Version Read More »
Earth Preta Campaign Uses DOPLUGS to Target Asia 2024-02-20 at 11:55 By In this blog entry, we focus on Earth Preta’s campaign that employed a variant of the DOPLUGS malware to target Asian countries. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Earth Preta Campaign Uses DOPLUGS to Target Asia Read More »
CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day 2024-02-13 at 22:16 By The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day
React to this headline:
CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day Read More »
What Generative AI Means for Cybersecurity in 2024 2024-02-08 at 19:00 By After a full year of life with ChatGPT cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks – learn what generative AI means for cybersecurity in 2024. This article is an excerpt from Trend Micro Research,
React to this headline:
What Generative AI Means for Cybersecurity in 2024 Read More »
Unifying Cloud Security Beyond Siloes 2024-02-06 at 20:32 By Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the cloud—for more proactive risk management. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React
React to this headline:
Unifying Cloud Security Beyond Siloes Read More »
Prevent BEC with AI-Powered Email and Collaboration 2024-01-26 at 23:31 By Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Prevent BEC with AI-Powered Email and Collaboration Read More »
18X a Leader in Gartner Magic Quadrant for EPP 2024-01-23 at 01:17 By Explore why Trend Micro is recognized—for the 18th time—as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
18X a Leader in Gartner Magic Quadrant for EPP Read More »
Reduce Business Email Compromise with Collaboration 2024-01-18 at 22:16 By Here’s the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Reduce Business Email Compromise with Collaboration Read More »
Analyzing AsyncRAT’s Code Injection into aspnet_compiler.exe Across Multiple Incident Response Cases 11/12/2023 at 12:17 By This blog entry delves into MxDR’s unraveling of the AsyncRAT infection chain across multiple cases, shedding light on the misuse of aspnet_compiler.exe, a legitimate Microsoft process originally designed for precompiling ASP.NET web applications. This article is an excerpt from Trend
React to this headline:
Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing 22/11/2023 at 10:11 By The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023. This article is an excerpt from
React to this headline:
Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing Read More »
ALPHV/BlackCat Take Extortion Public 17/11/2023 at 21:47 By Learn more about ALPHV filing a complaint with the Security and Exchange Commission (SEC) against their victim, which appears to be an attempt to influence MeridianLink to pay the ransom sooner than later. This article is an excerpt from Trend Micro Research, News and Perspectives View Original
React to this headline:
ALPHV/BlackCat Take Extortion Public Read More »
Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting 09/11/2023 at 12:01 By We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies. This article is an excerpt from
React to this headline:
APT34 Deploys Phishing Attack With New Malware 29/09/2023 at 12:17 By We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to
React to this headline:
APT34 Deploys Phishing Attack With New Malware Read More »
Examining the Activities of the Turla APT Group 22/09/2023 at 13:02 By We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group. This article is an excerpt from Trend Micro Research, News
React to this headline:
Examining the Activities of the Turla APT Group Read More »
Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign 21/09/2023 at 20:01 By This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to
React to this headline:
Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign Read More »
Analyzing a Facebook Profile Stealer Written in Node.js 05/09/2023 at 12:33 By We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication. This article is an excerpt from Trend Micro Research, News
React to this headline:
Analyzing a Facebook Profile Stealer Written in Node.js Read More »
Revisiting 16shop Phishing Kit, Trend-Interpol Partnership 01/09/2023 at 12:04 By In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign. This article is an excerpt
React to this headline:
Revisiting 16shop Phishing Kit, Trend-Interpol Partnership Read More »
Earth Estries Targets Government, Tech for Cyberespionage 30/08/2023 at 12:46 By We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments and organizations in the
React to this headline:
Earth Estries Targets Government, Tech for Cyberespionage Read More »
Monti Ransomware Unleashes a New Encryptor for Linux 14/08/2023 at 11:32 By The Monti ransomware collective has restarted their operations, focusing on institutions in the legal and governmental fields. Simultaneously, a new variant of Monti, based on the Linux platform, has surfaced, demonstrating notable differences from its previous Linux-based versions. This article is an excerpt
React to this headline:
Monti Ransomware Unleashes a New Encryptor for Linux Read More »
An Overview of the New Rhysida Ransomware Targeting the Healthcare Sector 09/08/2023 at 12:34 By In this blog entry, we will provide details on Rhysida, including its targets and what we know about its infection chain. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
An Overview of the New Rhysida Ransomware Targeting the Healthcare Sector Read More »