MITRE ATT&CK 2024 Results for Enterprise Security

Credit to Author: Mike Grodzki| Date: Mon, 09 Dec 2024 00:00:00 +0000

Enterprise 2024 will incorporate multiple, smaller emulations for a more nuanced and targeted evaluation of defensive capabilities. We’re excited to offer two distinct adversary focus areas: Ransomware targeting Windows and Linux, and the Democratic People’s Republic of Korea’s targeting macOS.

Read more

Fake LockBit, Real Damage: Ransomware Samples Abuse Amazon S3 to Steal Data

Credit to Author: Jaromir Horejsi| Date: Wed, 16 Oct 2024 00:00:00 +0000

This article uncovers a Golang ransomware abusing Amazon S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions.

Read more

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data

Credit to Author: Jaromir Horejsi| Date: Wed, 16 Oct 2024 00:00:00 +0000

This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions.

Read more

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections

Credit to Author: Kyle Philippe Yu| Date: Fri, 20 Sep 2024 00:00:00 +0000

Trend Micro tracked this group as Water Bakunawa, behind the RansomHub ransomware, employs various anti-EDR techniques to play a high-stakes game of hide and seek with security solutions.

Read more

QR Codes: Convenience or Cyberthreat?

Credit to Author: Sara Atie| Date: Tue, 23 Jul 2024 00:00:00 +0000

Security awareness and measures to detect and prevent sophisticated risks associated with QR code-based phishing attacks (quishing)

Read more

Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma

Credit to Author: Cj Arsley Mateo| Date: Fri, 19 Jul 2024 00:00:00 +0000

Trend Micro threat hunters discovered that the Play ransomware group has been deploying a new Linux variant that targets ESXi environments. Read our blog entry to know more.

Read more

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption

Credit to Author: Christopher Boyton| Date: Wed, 03 Apr 2024 00:00:00 +0000

Our new article provides key highlights and takeaways from Operation Cronos’ disruption of LockBit’s operations, as well as telemetry details on how LockBit actors operated post-disruption.

Read more