TargetCompany Ransomware Abuses FUD Obfuscator Packers

Credit to Author: Don Ovid Ladores| Date: Mon, 07 Aug 2023 00:00:00 +0000

In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems.

Read more

Detecting BPFDoor Backdoor Variants Abusing BPF Filters

Credit to Author: Fernando Merces| Date: Thu, 13 Jul 2023 00:00:00 +0000

An analysis of advanced persistent threat (APT) group Red Menshen’s different variants of backdoor BPFDoor as it evolves since it was first documented in 2021.

Read more

Tailing Big Head Ransomware’s Variants, Tactics, and Impact

Credit to Author: Ieriz Nicolle Gonzalez| Date: Fri, 07 Jul 2023 00:00:00 +0000

We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware.

Read more

Generative AI Assistant Makes Hunting Threats Faster

Credit to Author: Shannon Murphy| Date: Tue, 20 Jun 2023 00:00:00 +0000

Learn how analysts can search for threats with greater accuracy, speed, and effectiveness.

Read more

SeroXen Mechanisms: Exploring Distribution, Risks, and Impact

Credit to Author: Peter Girnus| Date: Tue, 20 Jun 2023 00:00:00 +0000

This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into highly evasive FUD batch obfuscators.

Read more

Your New AI Assistant: Trend Vision One™ – Companion

Credit to Author: Shannon Murphy| Date: Thu, 15 Jun 2023 00:00:00 +0000

Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential.

Read more

Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion

Credit to Author: Shannon Murphy| Date: Thu, 15 Jun 2023 00:00:00 +0000

Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential.

Read more

8220 Gang Evolves With New Strategies

Credit to Author: Sunil Bharti| Date: Tue, 16 May 2023 00:00:00 +0000

We observed the threat actor group known as “8220 Gang” employing new strategies for their respective campaigns, including exploits for the Linux utility “lwp-download” and CVE-2017-3506, an Oracle WebLogic vulnerability.

Read more

Attackers Use Containers for Profit via TrafficStealer

Credit to Author: Alfredo Oliveira| Date: Wed, 26 Apr 2023 00:00:00 +0000

We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads.

Read more

Mac Malware MacStealer Spreads as Fake P2E Apps

Credit to Author: Qi Sun| Date: Thu, 30 Mar 2023 00:00:00 +0000

We detected Mac malware MacStealer spreading via websites, social media, and messaging platforms Twitter, Discord, and Telegram. Cybercriminals lure victims to download it by plagiarizing legitimate play-to-earn (P2E) apps’ images and offering jobs as beta testers.

Read more