Web3 IPFS Currently Used For Phishing
Credit to Author: Matsukawa Bakuei| Date: Tue, 20 Dec 2022 00:00:00 +0000
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks.
Credit to Author: Jon Clay| Date: Thu, 22 Dec 2022 00:00:00 +0000
Highly destructive cybercrime is on the rise, and most of it is being funded with anonymous cryptocurrency. We review cryptocurrency trends and how enterprises can enhance their cybersecurity posture to prevent cyber extortion.
Credit to Author: Jiri Sykora| Date: Wed, 21 Dec 2022 00:00:00 +0000
We look into some of the implementations that cybercriminals use to bypass the Windows Antimalware Scan Interface (AMSI) and how security teams can detect threats attempting to abuse it for compromise with Trend Micro Vision One™.
Credit to Author: Ivan Nicole Chavez| Date: Wed, 21 Dec 2022 00:00:00 +0000
From September to December, we detected multiple attacks from the Royal ransomware group. In this blog entry, we discuss findings from our investigation of this ransomware and the tools that Royal ransomware actors used to carry out their attacks.
Credit to Author: Mickey Jin| Date: Wed, 21 Dec 2022 00:00:00 +0000
This blog entry discusses the technical details of how we exploited CVE-2022-22583 using a different method. We also tackle the technical details of CVE-2022-32800, another SIP-bypass that we discovered more recently, in this report.
Credit to Author: Jon Clay| Date: Fri, 16 Dec 2022 00:00:00 +0000
Trend Micro will be joining Google’s App Defense Alliance (ADA) to help improve their ability to identify malicious apps before they are published to the Google Play store.
Credit to Author: Christopher So| Date: Tue, 20 Dec 2022 00:00:00 +0000
We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September. The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.
Credit to Author: Mickey Jin| Date: Tue, 20 Dec 2022 00:00:00 +0000
More than two years ago, a researcher, A2nkF, demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to arbitrary kernel extension loading. In this blog entry, we will discuss how we discovered 3 more vulnerabilities from the old exploit chain.
Credit to Author: Sherif Magdy| Date: Mon, 19 Dec 2022 00:00:00 +0000
In this blog entry, we discuss the reasons why malicious actors choose to, or opt not to, pursue kernel-level access in their attacks. We also provide an overview of kernel-level threats that have been publicly reported from April 2015 to October 2022.