Trend Micro Research : Endpoints

Earth Estries Targets Government, Tech for Cyberespionage

30/08/2023 at 12:46
We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments and organizations in the […]

Monti Ransomware Unleashes a New Encryptor for Linux

14/08/2023 at 11:32
The Monti ransomware collective has restarted their operations, focusing on institutions in the legal and governmental fields. Simultaneously, a new variant of Monti, based on the Linux platform, has surfaced, demonstrating notable differences from its previous Linux-based versions.

An Overview of the New Rhysida Ransomware Targeting the Healthcare Sector

09/08/2023 at 12:34
In this blog entry, we will provide details on Rhysida, including its targets and what we know about its infection chain. This article is an excerpt from Trend Micro Research, News and Perspectives.

Latest Batloader Campaigns Use Pyarmor Pro for Evasion

04/08/2023 at 15:32
In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we’ve covered in previous blog entries.

Supply-Chain Attack Targeting Pakistani Government Delivers Shadowpad

14/07/2023 at 11:17
We recently found that an MSI installer built by the National Information Technology Board (NITB), a Pakistani government entity, delivered a Shadowpad sample, suggesting a possible supply-chain attack.

Detecting BPFDoor Backdoor Variants Abusing BPF Filters

13/07/2023 at 13:02
An analysis of the different variants of the BPFDoor backdoor used by advanced persistent threat (APT) group Red Menshen, and how the backdoor has evolved since it was first documented in 2021.

Tailing Big Head Ransomware’s Variants, Tactics, and Impact

07/07/2023 at 15:33
We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware.

Four Must-haves to Strengthen Your Endpoint Security

06/07/2023 at 09:45
To combat complexity and achieve optimal security outcomes, there are four key factors an organization should consider when evaluating its endpoint security.

Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator

30/06/2023 at 13:34
We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that

An Overview of the Different Versions of the Trigona Ransomware

23/06/2023 at 15:24
The Trigona ransomware is a relatively new ransomware family that began activities around late October 2022 — although samples of it existed as early as June 2022. Since then, Trigona’s operators have remained highly active, and in fact have been continuously

SeroXen Incorporates Latest BatCloak Engine Iteration

15/06/2023 at 12:16
We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s

Attack Surface Management Strategies

15/06/2023 at 12:16
As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. We explore how proactive cyber risk management can help harden your defenses and reduce the likelihood of an attack or breach.

Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion

15/06/2023 at 12:16
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential.

To Fight Cyber Extortion and Ransomware, Shift Left

15/06/2023 at 12:16
How can organizations defend themselves more effectively against ransomware and other forms of cyber extortion? By “shifting left” and adopting proactive cybersecurity strategies to detect attacks sooner, mitigating breaches before they cause harm.

Behind the Scenes: Unveiling the Hidden Workings of Earth Preta

14/06/2023 at 15:00
This blog entry discusses the more technical details on the most recent tools, techniques, and procedures (TTPs) leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor.

Analyzing the FUD Malware Obfuscation Engine BatCloak

09/06/2023 at 13:01
We look into the BatCloak engine, its modular integration into modern malware, its proliferation mechanisms, and the interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities.

Investigating BlackSuit Ransomware’s Similarities to Royal

31/05/2023 at 13:02
In this blog entry, we analyze BlackSuit ransomware and how it compares to Royal ransomware.

New Info Stealer Bandit Stealer Targets Browsers, Wallets

26/05/2023 at 12:16
This is an analysis of Bandit Stealer, a new Go-based information-stealing malware capable of evading detection as it targets multiple browsers and cryptocurrency wallets.

Future Exploitation Vector: File Extensions as Top-Level Domains

23/05/2023 at 12:01
In this blog entry, we will examine the security risks related to file extension-related Top-Level Domains (TLDs) while also providing best practices and recommendations on how both individual users and organizations can protect themselves from these hazards.

BlackCat Ransomware Deploys New Signed Kernel Driver

22/05/2023 at 13:03
In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase.