MDR in Action: Preventing The More_eggs Backdoor From Hatching

Credit to Author: Ryan Soliven| Date: Mon, 30 Sep 2024 00:00:00 +0000

Trend Micro MDR (Managed Detection and Response) team promptly mitigated a more_eggs infection. Using Vision One, MDR illustrated how Custom Filters/Models and Security Playbook can be used to automate the response to more_eggs and similar threats.

Read more

Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC

Credit to Author: Ted Lee| Date: Thu, 19 Sep 2024 00:00:00 +0000

We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China.

Read more

Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command

Credit to Author: Mhica Romero| Date: Thu, 05 Sep 2024 00:00:00 +0000

Notorious Mekotio and BBTok are having a resurgence targeting Latin American users. Mekotio’s latest variant suggests the gang behind it is broadening their target, while BBTok is seen abusing MSBuild.exe to evade detection.

Read more

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

Credit to Author: Jaromir Horejsi| Date: Thu, 01 Aug 2024 00:00:00 +0000

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites.

Read more

QR Codes: Convenience or Cyberthreat?

Credit to Author: Sara Atie| Date: Tue, 23 Jul 2024 00:00:00 +0000

Security awareness and measures to detect and prevent sophisticated risks associated with QR code-based phishing attacks (quishing)

Read more

Deepfakes and AI-Driven Disinformation Threaten Polls

Credit to Author: Jon Clay| Date: Thu, 02 May 2024 00:00:00 +0000

Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year

Read more

How Red Team Exercises Increases Your Cyber Health

Credit to Author: Johnny Krogsboll| Date: Thu, 11 Apr 2024 00:00:00 +0000

Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively.

Read more

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

Credit to Author: Feike Hacquebord| Date: Wed, 31 Jan 2024 00:00:00 +0000

Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted.

Read more

Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing

Credit to Author: Hitomi Kimura| Date: Wed, 22 Nov 2023 00:00:00 +0000

The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.

Read more

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting

Credit to Author: Buddy Tancio| Date: Thu, 09 Nov 2023 00:00:00 +0000

We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.

Read more