Trend Micro Research : Ransomware

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data 2024-10-16 at 14:35 By This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions. This article is an excerpt […]

React to this headline:

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data Read More »

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections 2024-09-20 at 18:31 By Trend Micro tracked this group as Water Bakunawa, behind the RansomHub ransomware, employs various anti-EDR techniques to play a high-stakes game of hide and seek with security solutions. This article is an excerpt from Trend Micro Research, News and Perspectives

React to this headline:

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections Read More »

How Trend Micro Managed Detection and Response Pressed Pause on a Play Ransomware Attack

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

How Trend Micro Managed Detection and Response Pressed Pause on a Play Ransomware Attack 2024-08-21 at 11:01 By Using the Trend Micro Vision One platform, our MDR team was able to quickly identify and contain a Play ransomware intrusion attempt. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source

React to this headline:

How Trend Micro Managed Detection and Response Pressed Pause on a Play Ransomware Attack Read More »

QR Codes: Convenience or Cyberthreat?

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Artificial Intelligence (AI), Trend Micro Research : Cloud, Trend Micro Research : Phishing, Trend Micro Research : Ransomware, Trend Micro Research : Security Strategies, Trend Micro Research : Web / SecurityTicks

QR Codes: Convenience or Cyberthreat? 2024-07-23 at 20:16 By Security awareness and measures to detect and prevent sophisticated risks associated with QR code-based phishing attacks (quishing) This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

QR Codes: Convenience or Cyberthreat? Read More »

Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma 2024-07-19 at 10:31 By Trend Micro threat hunters discovered that the Play ransomware group has been deploying a new Linux variant that targets ESXi environments. Read our blog entry to know more. This article is an excerpt from Trend Micro Research, News

React to this headline:

Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma Read More »

An In-Depth Look at Crypto-Crime in 2023 Part 2

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : ICS OT, Trend Micro Research : Malware, Trend Micro Research : Privacy & Risks, Trend Micro Research : Ransomware, Trend Micro Research : Reports / SecurityTicks

An In-Depth Look at Crypto-Crime in 2023 Part 2 2024-07-12 at 02:01 By In 2023, the cryptocurrency industry faced a significant increase in illicit activities, including money laundering, fraud, and ransomware attacks. Ransomware attacks were especially prevalent and profitable for attackers. However, other forms of criminal activity also saw a rise. This article is an

React to this headline:

An In-Depth Look at Crypto-Crime in 2023 Part 2 Read More »

An In-Depth Look at Crypto-Crime in 2023 Part 1

Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Privacy & Risks, Trend Micro Research : Ransomware / SecurityTicks

An In-Depth Look at Crypto-Crime in 2023 Part 1 2024-07-08 at 22:31 By Cybersecurity is a growing concern in today’s digital age, as more sensitive information is stored and transmitted online. With the rise of cryptocurrencies, there has also been a rise in crypto-crimes, which pose a significant threat to the security of both individuals

React to this headline:

An In-Depth Look at Crypto-Crime in 2023 Part 1 Read More »

TargetCompany’s Linux Variant Targets ESXi Environments

Trend Micro Research : Ransomware / SecurityTicks

TargetCompany’s Linux Variant Targets ESXi Environments 2024-06-05 at 13:02 By In this blog entry, our researchers provide an analysis of TargetCompany ransomware’s Linux variant and how it targets VMware ESXi environments using new methods for payload delivery and execution. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React

React to this headline:

TargetCompany’s Linux Variant Targets ESXi Environments Read More »

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption 2024-04-03 at 14:31 By Our new article provides key highlights and takeaways from Operation Cronos’ disruption of LockBit’s operations, as well as telemetry details on how LockBit actors operated post-disruption. This article is an excerpt from Trend Micro Research, News and Perspectives View Original

React to this headline:

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption Read More »

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script 2024-03-26 at 10:31 By This blog entry discusses the Agenda ransomware group’s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this

React to this headline:

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script Read More »

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO 2024-03-04 at 11:05 By The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO Read More »

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Ransomware / SecurityTicks

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities 2024-02-27 at 10:18 By This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry. This

React to this headline:

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities Read More »

LockBit Attempts to Stay Afloat With a New Version

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

LockBit Attempts to Stay Afloat With a New Version 2024-02-22 at 10:02 By This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulting in the undermining of its operations. This article is an excerpt

React to this headline:

LockBit Attempts to Stay Afloat With a New Version Read More »

Prevent BEC with AI-Powered Email and Collaboration

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Latest News, Trend Micro Research : Network, Trend Micro Research : Phishing, Trend Micro Research : Ransomware / SecurityTicks

Prevent BEC with AI-Powered Email and Collaboration 2024-01-26 at 23:31 By Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Prevent BEC with AI-Powered Email and Collaboration Read More »

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver 

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver  2024-01-23 at 10:16 By In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware.   This article is an excerpt from

React to this headline:

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver  Read More »

Reduce Business Email Compromise with Collaboration

Reduce Business Email Compromise with Collaboration 2024-01-18 at 22:16 By Here’s the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Reduce Business Email Compromise with Collaboration Read More »

ALPHV/BlackCat Take Extortion Public

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Endpoints, Trend Micro Research : Expert Perspective, Trend Micro Research : Network, Trend Micro Research : Ransomware / SecurityTicks

ALPHV/BlackCat Take Extortion Public 17/11/2023 at 21:47 By Learn more about ALPHV filing a complaint with the Security and Exchange Commission (SEC) against their victim, which appears to be an attempt to influence MeridianLink to pay the ransom sooner than later. This article is an excerpt from Trend Micro Research, News and Perspectives View Original

React to this headline:

ALPHV/BlackCat Take Extortion Public Read More »

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518 10/11/2023 at 13:18 By We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518 Read More »

Electric Power System Cybersecurity Vulnerabilities

Trend Micro Research : Cyber Threats, Trend Micro Research : How To, Trend Micro Research : ICS OT, Trend Micro Research : Ransomware, Trend Micro Research : Webinar / SecurityTicks

Electric Power System Cybersecurity Vulnerabilities 10/10/2023 at 05:32 By Digitalization has changed the business environment of the electric power industry, exposing it to various threats. This webinar will help you uncover previously unnoticed threats and develop countermeasures and solutions. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React

React to this headline:

Electric Power System Cybersecurity Vulnerabilities Read More »

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware 13/09/2023 at 14:01 By In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source

React to this headline:

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware Read More »