Credit to Author: Carl Malipot| Date: Mon, 16 Oct 2023 00:00:00 +0000
This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware.
Read moreCredit to Author: Aliakbar Zahravi| Date: Thu, 05 Oct 2023 00:00:00 +0000
This entry delves into threat actors’ intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.
Read moreCredit to Author: Shannon Murphy| Date: Thu, 21 Sep 2023 00:00:00 +0000
This year, the MITRE Engenuity ATT&CK evaluation tested cybersecurity vendors against simulated attack scenarios mimicking the adversary group “Turla.” Learn about Trend Micro’s 100% successful protection performance.
Read moreCredit to Author: Cedric Pernet| Date: Thu, 21 Sep 2023 00:00:00 +0000
This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud.
Read moreCredit to Author: Salim S.I.| Date: Wed, 20 Sep 2023 00:00:00 +0000
Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks.
Read moreCredit to Author: Ed Cabrera| Date: Tue, 19 Sep 2023 00:00:00 +0000
Behind the scenes of the world of vulnerability intelligence and threat hunting
Read moreCredit to Author: Hitomi Kimura| Date: Wed, 13 Sep 2023 00:00:00 +0000
In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method.
Read moreCredit to Author: Ted Lee| Date: Wed, 30 Aug 2023 00:00:00 +0000
We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments and organizations in the technology sector.
Read moreCredit to Author: Don Ovid Ladores| Date: Mon, 07 Aug 2023 00:00:00 +0000
In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems.
Read moreCredit to Author: Jon Clay| Date: Thu, 13 Jul 2023 00:00:00 +0000
Embracing platform approach as the path to enhanced security and resilience
Read more