Credit to Author: Fyodor Yarochkin| Date: Wed, 17 May 2023 00:00:00 +0000
An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023.
Read moreCredit to Author: Sunil Bharti| Date: Tue, 16 May 2023 00:00:00 +0000
We observed the threat actor group known as “8220 Gang” employing new strategies for their respective campaigns, including exploits for the Linux utility “lwp-download” and CVE-2017-3506, an Oracle WebLogic vulnerability.
Read moreCredit to Author: Jaromir Horejsi| Date: Mon, 15 May 2023 00:00:00 +0000
Water Orthrus has been active recently with two new campaigns. CopperStealth uses a rootkit to install malware on infected systems, while CopperPhish steals credit card information. This blog will provide the structure of the campaign and how they work.
Read moreCredit to Author: Junestherry Dela Cruz| Date: Fri, 12 May 2023 00:00:00 +0000
We’ve been observing malicious advertisement campaigns in Google’s search engine with themes that are related to AI tools such as Midjourney and ChatGPT.
Read moreCredit to Author: Khristian Joseph Morales| Date: Tue, 09 May 2023 00:00:00 +0000
The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers.
Read moreCredit to Author: Khristian Joseph Morales| Date: Tue, 09 May 2023 00:00:00 +0000
The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers.
Read moreCredit to Author: Shannon Murphy| Date: Mon, 08 May 2023 00:00:00 +0000
Unpacking the Future of Cybersecurity
Read moreCredit to Author: Ted Lee| Date: Tue, 02 May 2023 00:00:00 +0000
After months of dormancy, Earth Longzhi, a subgroup of advanced persistent threat (APT) group APT41, has reemerged using new techniques in its infection routine. This blog entry forewarns readers of Earth Longzhi’s resilience as a noteworthy threat.
Read moreCredit to Author: Don Ovid Ladores| Date: Fri, 28 Apr 2023 00:00:00 +0000
In March and April 2023, we observed a type of ransomware targeting its victims via a minimalistic approach with tools that leave only a minimal footprint behind. Our findings revealed many of the preparations made by the perpetrators and how quickly they managed to carry out the ransomware attack.
Read moreCredit to Author: Alfredo Oliveira| Date: Wed, 26 Apr 2023 00:00:00 +0000
We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads.
Read more