Where is the Origin?: QAKBOT Uses Valid Code Signing

Credit to Author: Hitomi Kimura | Date: Thu, 27 Oct 2022 00:00:00 +0000

Code signing certificates help us assure a file's validity and legitimacy. However, threat actors can turn that assurance against us. In this blog, discover how QAKBOT uses this tactic and learn ways to prevent it.


LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company

Credit to Author: Mohamed Fahmy | Date: Tue, 25 Oct 2022 00:00:00 +0000

Our blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint.


TeamTNT Returns – or Does It?

Credit to Author: Sunil Bharti | Date: Wed, 19 Oct 2022 00:00:00 +0000

Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and their routines are reminiscent of those employed by the cybercriminal group TeamTNT, which was said to have quit in November 2021. Our investigation shows that another threat actor group, WatchDog, might be mimicking TeamTNT's arsenal.


Tracking Earth Aughisky’s Malware and Changes

Credit to Author: CH Lei | Date: Tue, 04 Oct 2022 00:00:00 +0000

For over 10 years, security researchers have been observing and keeping tabs on APT group Earth Aughisky's malware families and their connections, including previously documented malware that has yet to be attributed.


Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

Credit to Author: Sunil Bharti | Date: Wed, 21 Sep 2022 00:00:00 +0000

Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining.


A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities

Credit to Author: Sunil Bharti | Date: Wed, 14 Sep 2022 00:00:00 +0000

This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.


Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm

Credit to Author: Vickie Su | Date: Fri, 02 Sep 2022 00:00:00 +0000

In March 2021, we investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string embedded in the malware. However, in our recent investigations, we have discovered a controller application that expands its capabilities.


Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report

Credit to Author: Trend Micro Research | Date: Wed, 31 Aug 2022 00:00:00 +0000

This blog entry highlights the threats that dominated the first six months of the year, which we discussed in detail in our midyear cybersecurity roundup report, “Defending the Expanding Attack Surface.”


New Golang Ransomware Agenda Customizes Attacks

Credit to Author: Mohamed Fahmy | Date: Thu, 25 Aug 2022 00:00:00 +0000

A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and Africa. This ransomware is called Agenda and is customized per victim.


Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus

Credit to Author: Ryan Soliven | Date: Wed, 24 Aug 2022 00:00:00 +0000

We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware.
