Hunting for A New Stealthy Universal Rootkit Loader

Credit to Author: Sherif Magdy | Date: Tue, 11 Jul 2023 00:00:00 +0000

In this entry, we discuss the findings of our investigation into a signed rootkit whose main binary functions as a universal loader, enabling attackers to directly load a second-stage unsigned kernel module.

Tailing Big Head Ransomware’s Variants, Tactics, and Impact

Credit to Author: Ieriz Nicolle Gonzalez | Date: Fri, 07 Jul 2023 00:00:00 +0000

We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the similarities and distinct markers of the Big Head ransomware, adding technical detail to initial reports on the family.

How to Deploy Generative AI Safely and Responsibly

Credit to Author: Shannon Murphy | Date: Fri, 23 Jun 2023 00:00:00 +0000

New uses for generative AI are being introduced every day—but so are new risks.

Generative AI Assistant Makes Hunting Threats Faster

Credit to Author: Shannon Murphy | Date: Tue, 20 Jun 2023 00:00:00 +0000

Learn how analysts can search for threats with greater accuracy, speed, and effectiveness.

SeroXen Mechanisms: Exploring Distribution, Risks, and Impact

Credit to Author: Peter Girnus | Date: Tue, 20 Jun 2023 00:00:00 +0000

This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and the SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, and implications of highly evasive FUD batch obfuscators, and offer insights into them.

Your New AI Assistant: Trend Vision One™ – Companion

Credit to Author: Shannon Murphy | Date: Thu, 15 Jun 2023 00:00:00 +0000

Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential.

Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion

Credit to Author: Shannon Murphy | Date: Thu, 15 Jun 2023 00:00:00 +0000

Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential.

SeroXen Incorporates Latest BatCloak Engine Iteration

Credit to Author: Peter Girnus | Date: Thu, 15 Jun 2023 00:00:00 +0000

We looked into the documented behavior of the SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak, used to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak's evasion capabilities and its interoperability with other malware.

Analyzing the FUD Malware Obfuscation Engine BatCloak

Credit to Author: Peter Girnus | Date: Fri, 09 Jun 2023 00:00:00 +0000

We look into the BatCloak engine, its modular integration into modern malware, its proliferation mechanisms, and the interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities.

Impulse Team’s Massive Years-Long Mostly-Undetected Cryptocurrency Scam

Credit to Author: Cedric Pernet | Date: Tue, 06 Jun 2023 00:00:00 +0000

We uncovered a massive cryptocurrency scam involving more than a thousand websites operated by different affiliates of a program called Impulse Project, which is run by a threat actor named Impulse Team.
