Hunting for A New Stealthy Universal Rootkit Loader 11/07/2023 at 11:18 By In this entry, we discuss the findings of our investigation into a piece of a signed rootkit, whose main binary functions as a universal loader that enables attackers to directly load a second-stage unsigned kernel module. This article is an excerpt from Trend […]
React to this headline:
Hunting for A New Stealthy Universal Rootkit Loader Read More »
Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator 30/06/2023 at 13:34 By We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that
React to this headline:
Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator Read More »
An Overview of the Different Versions of the Trigona Ransomware 23/06/2023 at 15:24 By The Trigona ransomware is a relatively new ransomware family that began activities around late October 2022 — although samples of it existed as early as June 2022. Since then, Trigona’s operators have remained highly active, and in fact have been continuously
React to this headline:
An Overview of the Different Versions of the Trigona Ransomware Read More »
Gaps in Azure Service Fabric’s Security Call for User Vigilance 21/06/2023 at 13:43 By In this blog post, we discuss different configuration scenarios that may lead to security issues with Azure Service Fabric, a distributed platform for deploying, managing, and scaling microservices and container applications. This article is an excerpt from Trend Micro Research, News
React to this headline:
Gaps in Azure Service Fabric’s Security Call for User Vigilance Read More »
Behind the Scenes: Unveiling the Hidden Workings of Earth Preta 14/06/2023 at 15:00 By This blog entry discusses the more technical details on the most recent tools, techniques, and procedures (TTPs) leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor. This article
React to this headline:
Behind the Scenes: Unveiling the Hidden Workings of Earth Preta Read More »
Investigating BlackSuit Ransomware’s Similarities to Royal 31/05/2023 at 13:02 By In this blog entry, we analyze BlackSuit ransomware and how it compares to Royal Ransomware. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Investigating BlackSuit Ransomware’s Similarities to Royal Read More »
Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals 30/05/2023 at 17:19 By Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of
React to this headline:
Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals Read More »
Abusing Web Services Using Automated CAPTCHA-Breaking Services and Residential Proxies 25/05/2023 at 11:52 By This blog entry features three case studies that show how malicious actors evade the antispam, antibot, and antiabuse measures of online web services via residential proxies and CAPTCHA-breaking services. This article is an excerpt from Trend Micro Research, News and Perspectives
React to this headline:
Abusing Web Services Using Automated CAPTCHA-Breaking Services and Residential Proxies Read More »
BlackCat Ransomware Deploys New Signed Kernel Driver 22/05/2023 at 13:03 By In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase. This article is an excerpt from Trend Micro Research, News and Perspectives View
React to this headline:
BlackCat Ransomware Deploys New Signed Kernel Driver Read More »
Water Orthrus’s New Campaigns Deliver Rootkit and Phishing Modules 15/05/2023 at 13:12 By Water Orthrus has been active recently with two new campaigns. CopperStealth uses a rootkit to install malware on infected systems, while CopperPhish steals credit card information. This blog will provide the structure of the campaign and how they work. This article is
React to this headline:
Water Orthrus’s New Campaigns Deliver Rootkit and Phishing Modules Read More »
Malicious AI Tool Ads Used to Deliver Redline Stealer 12/05/2023 at 12:25 By We’ve been observing malicious advertisement campaigns in Google’s search engine with themes that are related to AI tools such as Midjourney and ChatGPT. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Malicious AI Tool Ads Used to Deliver Redline Stealer Read More »
Attack on Security Titans: Earth Longzhi Returns With New Tricks 07/05/2023 at 18:25 By After months of dormancy, Earth Longzhi, a subgroup of advanced persistent threat (APT) group APT41, has reemerged using new techniques in its infection routine. This blog entry forewarns readers of Earth Longzhi’s resilience as a noteworthy threat. This article is an
React to this headline:
Attack on Security Titans: Earth Longzhi Returns With New Tricks Read More »
Inside the 2022 Email Cyber Threat Landscape 07/05/2023 at 18:25 By Key trends and predictions you should know about This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Inside the 2022 Email Cyber Threat Landscape Read More »
Global Cyber Risk Lowers to Moderate Level in 2H’ 2022 07/05/2023 at 18:25 By Trend’s seventh edition of the Cyber Risk Index (CRI) reveals an in-depth analysis of cyber threat and vulnerabilities This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:
React to this headline:
Global Cyber Risk Lowers to Moderate Level in 2H’ 2022 Read More »