Credit to Author: Sophia Nilette Robles| Date: Fri, 10 Nov 2023 00:00:00 +0000
We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations.
Read moreCredit to Author: Buddy Tancio| Date: Thu, 09 Nov 2023 00:00:00 +0000
We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.
Read moreCredit to Author: Holly Fraser| Date: Mon, 30 Oct 2023 00:00:00 +0000
Customer feedback validates Trend’s leadership in in XDR, endpoint security, hybrid Cloud
Read moreCredit to Author: Cedric Pernet| Date: Fri, 27 Oct 2023 00:00:00 +0000
This report explores the Kopeechka service and gives a detailed technical analysis of the service’s features and capabilities and how it can help cybercriminals to achieve their goals.
Read moreCredit to Author: Salim S.I.| Date: Fri, 20 Oct 2023 00:00:00 +0000
In the second part of this series, we will examine how attackers can trigger vulnerabilities by sending control messages masquerading as user traffic to cross over from user plane to control plane.
Read moreCredit to Author: Carl Malipot| Date: Mon, 16 Oct 2023 00:00:00 +0000
This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware.
Read moreCredit to Author: Feike Hacquebord| Date: Fri, 13 Oct 2023 00:00:00 +0000
Almost a year after Void Rabisu shifted its targeting from opportunistic ransomware attacks with an emphasis on cyberespionage, the threat actor is still developing its main malware, the ROMCOM backdoor.
Read moreCredit to Author: Trent Bessell| Date: Thu, 12 Oct 2023 00:00:00 +0000
We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment.
Read moreCredit to Author: Aliakbar Zahravi| Date: Thu, 05 Oct 2023 00:00:00 +0000
This entry delves into threat actors’ intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.
Read moreCredit to Author: Mohamed Fahmy| Date: Fri, 29 Sep 2023 00:00:00 +0000
We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.
Read more