Credit to Author: Ryan Soliven| Date: Thu, 02 Mar 2023 00:00:00 +0000
Find out how the Managed XDR team uncovered RedLine Stealer’s evasive spear-phishing campaign that targets the hospitality industry.
Read moreCredit to Author: Daniel Lunghi| Date: Wed, 01 Mar 2023 00:00:00 +0000
We detail the update that advanced persistent threat (APT) group Iron Tiger made on the custom malware family SysUpdate. In this version, we also found components that enable the malware to compromise Linux systems.
Read moreCredit to Author: Buddy Tancio| Date: Fri, 24 Feb 2023 00:00:00 +0000
Trend Micro’s Managed Extended Detection and Response (MxDR) team discovered that a file called x32dbg.exe was used to sideload a malicious DLL we identified as a variant of PlugX.
Read moreCredit to Author: Vincenzo Ciancaglini| Date: Tue, 21 Feb 2023 00:00:00 +0000
Amidst the uproar and opinions since November 2022, we look at the possibilities and implications of what OpenAI’s ChatGPT presents to the cybersecurity industry using a comparison to earlier products, like its predecessor GPT-3.
Read moreCredit to Author: Hara Hiroaki| Date: Thu, 16 Feb 2023 00:00:00 +0000
We detail the intrusion set Earth Yako, attributed to the campaign Operation RestyLink or EneLink. This analysis was presented in full at the JSAC 2023 in January 2023.
Read moreCredit to Author: Aliakbar Zahravi| Date: Thu, 09 Feb 2023 00:00:00 +0000
We discovered an active campaign targeting Eastern Europeans in the cryptocurrency industry using fake job lures.
Read moreCredit to Author: Mohamed Fahmy| Date: Thu, 02 Feb 2023 00:00:00 +0000
We analyze an infection campaign targeting organizations in the Middle East for cyberespionage in December 2022 using a new backdoor malware. The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers.
Read moreCredit to Author: Junestherry Dela Cruz| Date: Tue, 17 Jan 2023 00:00:00 +0000
We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events (This is the intrusion set we track behind the creation of Batloader).
Read moreCredit to Author: Peter Girnus| Date: Tue, 17 Jan 2023 00:00:00 +0000
We discovered an active campaign ongoing since at least mid-2022 which uses Middle Eastern geopolitical-themed lures to distribute NjRAT (also known as Bladabindi) to infect victims across the Middle East and North Africa.
Read moreCredit to Author: Nitesh Surana| Date: Mon, 16 Jan 2023 00:00:00 +0000
Proof of Concept (POC): We investigate one of the GitHub Codespaces’ real-time code development and collaboration features that attackers can abuse for cloud-based trusted malware delivery. Once exploited, malicious actors can abuse legitimate GitHub accounts to create a malware file server.
Read more