Trend Micro Research : Ransomware

Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations

Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations 2025-03-21 at 11:36 By Trend Research encounters new versions of the Albabat ransomware, which appears to target Windows, Linux, and macOS devices. We also reveal the group’s use of GitHub to streamline their ransomware operation. This article is an excerpt from […]

React to this headline:

Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations Read More »

Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Latest News, Trend Micro Research : Malware, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal 2025-03-03 at 11:24 By In this blog entry, we discuss how the Black Basta and Cactus ransomware groups utilized the BackConnect malware to maintain persistent control and exfiltrate sensitive data from compromised machines. This article is an excerpt from Trend Micro Research, News

React to this headline:

Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal Read More »

MITRE ATT&CK 2024 Results for Enterprise Security

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Ransomware, Trend Micro Research : Reports / SecurityTicks

MITRE ATT&CK 2024 Results for Enterprise Security 2024-12-11 at 19:18 By Enterprise 2024 will incorporate multiple, smaller emulations for a more nuanced and targeted evaluation of defensive capabilities. We’re excited to offer two distinct adversary focus areas: Ransomware targeting Windows and Linux, and the Democratic People’s Republic of Korea’s targeting macOS. This article is an

React to this headline:

MITRE ATT&CK 2024 Results for Enterprise Security Read More »

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data 2024-10-16 at 14:35 By This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions. This article is an excerpt

React to this headline:

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data Read More »

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections 2024-09-20 at 18:31 By Trend Micro tracked this group as Water Bakunawa, behind the RansomHub ransomware, employs various anti-EDR techniques to play a high-stakes game of hide and seek with security solutions. This article is an excerpt from Trend Micro Research, News and Perspectives

React to this headline:

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections Read More »

How Trend Micro Managed Detection and Response Pressed Pause on a Play Ransomware Attack

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

How Trend Micro Managed Detection and Response Pressed Pause on a Play Ransomware Attack 2024-08-21 at 11:01 By Using the Trend Micro Vision One platform, our MDR team was able to quickly identify and contain a Play ransomware intrusion attempt. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source

React to this headline:

How Trend Micro Managed Detection and Response Pressed Pause on a Play Ransomware Attack Read More »

QR Codes: Convenience or Cyberthreat?

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Artificial Intelligence (AI), Trend Micro Research : Cloud, Trend Micro Research : Phishing, Trend Micro Research : Ransomware, Trend Micro Research : Security Strategies, Trend Micro Research : Web / SecurityTicks

QR Codes: Convenience or Cyberthreat? 2024-07-23 at 20:16 By Security awareness and measures to detect and prevent sophisticated risks associated with QR code-based phishing attacks (quishing) This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

QR Codes: Convenience or Cyberthreat? Read More »

Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma 2024-07-19 at 10:31 By Trend Micro threat hunters discovered that the Play ransomware group has been deploying a new Linux variant that targets ESXi environments. Read our blog entry to know more. This article is an excerpt from Trend Micro Research, News

React to this headline:

Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma Read More »

An In-Depth Look at Crypto-Crime in 2023 Part 2

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : ICS OT, Trend Micro Research : Malware, Trend Micro Research : Privacy & Risks, Trend Micro Research : Ransomware, Trend Micro Research : Reports / SecurityTicks

An In-Depth Look at Crypto-Crime in 2023 Part 2 2024-07-12 at 02:01 By In 2023, the cryptocurrency industry faced a significant increase in illicit activities, including money laundering, fraud, and ransomware attacks. Ransomware attacks were especially prevalent and profitable for attackers. However, other forms of criminal activity also saw a rise. This article is an

React to this headline:

An In-Depth Look at Crypto-Crime in 2023 Part 2 Read More »

An In-Depth Look at Crypto-Crime in 2023 Part 1

Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Privacy & Risks, Trend Micro Research : Ransomware / SecurityTicks

An In-Depth Look at Crypto-Crime in 2023 Part 1 2024-07-08 at 22:31 By Cybersecurity is a growing concern in today’s digital age, as more sensitive information is stored and transmitted online. With the rise of cryptocurrencies, there has also been a rise in crypto-crimes, which pose a significant threat to the security of both individuals

React to this headline:

An In-Depth Look at Crypto-Crime in 2023 Part 1 Read More »

TargetCompany’s Linux Variant Targets ESXi Environments

Trend Micro Research : Ransomware / SecurityTicks

TargetCompany’s Linux Variant Targets ESXi Environments 2024-06-05 at 13:02 By In this blog entry, our researchers provide an analysis of TargetCompany ransomware’s Linux variant and how it targets VMware ESXi environments using new methods for payload delivery and execution. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React

React to this headline:

TargetCompany’s Linux Variant Targets ESXi Environments Read More »

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption 2024-04-03 at 14:31 By Our new article provides key highlights and takeaways from Operation Cronos’ disruption of LockBit’s operations, as well as telemetry details on how LockBit actors operated post-disruption. This article is an excerpt from Trend Micro Research, News and Perspectives View Original

React to this headline:

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption Read More »

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script 2024-03-26 at 10:31 By This blog entry discusses the Agenda ransomware group’s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this

React to this headline:

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script Read More »

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO 2024-03-04 at 11:05 By The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO Read More »

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Ransomware / SecurityTicks

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities 2024-02-27 at 10:18 By This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry. This

React to this headline:

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities Read More »

LockBit Attempts to Stay Afloat With a New Version

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

LockBit Attempts to Stay Afloat With a New Version 2024-02-22 at 10:02 By This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulting in the undermining of its operations. This article is an excerpt

React to this headline:

LockBit Attempts to Stay Afloat With a New Version Read More »

Prevent BEC with AI-Powered Email and Collaboration

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Latest News, Trend Micro Research : Network, Trend Micro Research : Phishing, Trend Micro Research : Ransomware / SecurityTicks

Prevent BEC with AI-Powered Email and Collaboration 2024-01-26 at 23:31 By Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Prevent BEC with AI-Powered Email and Collaboration Read More »

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver 

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver  2024-01-23 at 10:16 By In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware.   This article is an excerpt from

React to this headline:

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver  Read More »

Reduce Business Email Compromise with Collaboration

Reduce Business Email Compromise with Collaboration 2024-01-18 at 22:16 By Here’s the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Reduce Business Email Compromise with Collaboration Read More »

ALPHV/BlackCat Take Extortion Public

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Endpoints, Trend Micro Research : Expert Perspective, Trend Micro Research : Network, Trend Micro Research : Ransomware / SecurityTicks

ALPHV/BlackCat Take Extortion Public 17/11/2023 at 21:47 By Learn more about ALPHV filing a complaint with the Security and Exchange Commission (SEC) against their victim, which appears to be an attempt to influence MeridianLink to pay the ransom sooner than later. This article is an excerpt from Trend Micro Research, News and Perspectives View Original

React to this headline:

ALPHV/BlackCat Take Extortion Public Read More »