Credit to Author: Hara Hiroaki| Date: Tue, 19 Nov 2024 00:00:00 +0000
LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. We have identified a new campaign connected to this group with significant updates to their strategy, tactics, and arsenals.
Read moreCredit to Author: Ted Lee| Date: Fri, 08 Nov 2024 00:00:00 +0000
Discover how Earth Estries employs a diverse set of tactics, techniques, and tools, including malware such as Zingdoor and Snappybee, for its campaigns.
Read moreCredit to Author: Mohamed Fahmy| Date: Fri, 11 Oct 2024 00:00:00 +0000
Trend Micro’s investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to sectors in the Middle East.
Read moreCredit to Author: Charles Adrian Marty| Date: Mon, 14 Oct 2024 00:00:00 +0000
Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses.
Read moreCredit to Author: Mohamed Fahmy| Date: Fri, 11 Oct 2024 00:00:00 +0000
Trend Micro’s investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to critical sectors in the UAE.
Read moreCredit to Author: Mohamed Fahmy| Date: Fri, 11 Oct 2024 00:00:00 +0000
Trend Micro’s investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to critical sectors in the UAE.
Read moreCredit to Author: Ted Lee| Date: Thu, 19 Sep 2024 00:00:00 +0000
We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China.
Read moreCredit to Author: Pierre Lee| Date: Fri, 06 Sep 2024 00:00:00 +0000
Our research reveals that an unidentified threat cluster we named TIDRONE have shown significant interest in military-related industry chains, particularly in the manufacturers of drones.
Read moreCredit to Author: Mohamed Fahmy| Date: Thu, 29 Aug 2024 00:00:00 +0000
Threat actors are targeting users in the Middle East by distributing sophisticated malware disguised as the Palo Alto GlobalProtect tool.
Read moreCredit to Author: Ted Lee| Date: Fri, 09 Aug 2024 00:00:00 +0000
Since late 2022, Earth Baku has broadened its scope from the Indo-Pacific region to Europe, the Middle East, and Africa. Their latest operations demonstrate sophisticated techniques, such as exploiting public-facing applications like IIS servers for initial access and deploying the Godzilla webshell for command and control.
Read more