Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures

Credit to Author: Peter Girnus| Date: Tue, 17 Jan 2023 00:00:00 +0000

We discovered an active campaign ongoing since at least mid-2022 which uses Middle Eastern geopolitical-themed lures to distribute NjRAT (also known as Bladabindi) to infect victims across the Middle East and North Africa.

Read more

Abusing a GitHub Codespaces Feature For Malware Delivery

Credit to Author: Nitesh Surana| Date: Mon, 16 Jan 2023 00:00:00 +0000

Proof of Concept (POC): We investigate one of the GitHub Codespaces’ real-time code development and collaboration features that attackers can abuse for cloud-based trusted malware delivery. Once exploited, malicious actors can abuse legitimate GitHub accounts to create a malware file server.

Read more

IcedID Botnet Distributors Abuse Google PPC to Distribute Malware

Credit to Author: Ian Kenefick| Date: Fri, 23 Dec 2022 00:00:00 +0000

We analyze the latest changes in IcedID botnet from a campaign that abuses Google pay per click (PPC) ads to distribute IcedID via malvertising attacks.

Read more

Detecting Windows AMSI Bypass Techniques

Credit to Author: Jiri Sykora| Date: Wed, 21 Dec 2022 00:00:00 +0000

We look into some of the implementations that cybercriminals use to bypass the Windows Antimalware Scan Interface (AMSI) and how security teams can detect threats attempting to abuse it for compromise with Trend Micro Vision One™.

Read more

Trend Micro Joins Google’s App Defense Alliance

Credit to Author: Jon Clay| Date: Fri, 16 Dec 2022 00:00:00 +0000

Trend Micro will be joining Google’s App Defense Alliance (ADA) to help improve their ability to identify malicious apps before they are published to the Google Play store.

Read more

A Closer Look at Windows Kernel Threats

Credit to Author: Sherif Magdy| Date: Mon, 19 Dec 2022 00:00:00 +0000

In this blog entry, we discuss the reasons why malicious actors choose to and opt not to pursue kernel-level access in their attacks. It also provides an overview of kernel-level threats that have been publicly reported from April 2015 to October 2022.

Read more

Trend Joining App Defense Alliance Announced by Google

Credit to Author: Jon Clay| Date: Thu, 15 Dec 2022 00:00:00 +0000

Trend Micro’s participation in Google’s App Defense Alliance will ensure the security of customers by preventing malicious apps from being made available on the Google Play Store.

Read more

Ransomware Business Models: Future Pivots and Trends

Credit to Author: Feike Hacquebord| Date: Thu, 15 Dec 2022 00:00:00 +0000

Ransomware groups and their business models are expected to change from what and how we know it to date. In this blog entry, we summarize from some of our insights the triggers that spark the small changes in the short term (“evolutions”) and the bigger deviations (“revolutions”) they can redirect their criminal enterprises to in the long run.

Read more