Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

Credit to Author: Nathaniel Morales | Date: Mon, 04 Mar 2024 00:00:00 +0000

The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact.

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

Credit to Author: Ian Kenefick | Date: Tue, 27 Feb 2024 00:00:00 +0000

This blog entry gives a detailed analysis of the recent ScreenConnect vulnerabilities. We also discuss our discovery, based on our telemetry, of threat actor groups, including the Black Basta and Bl00dy ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709.

LockBit Attempts to Stay Afloat With a New Version

Credit to Author: Trend Micro Research | Date: Thu, 22 Feb 2024 00:00:00 +0000

This research is the result of our collaboration with the National Crime Agency in the United Kingdom, which took action against LockBit as part of Operation Cronos, an international effort that undermined the group's operations.

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver

Credit to Author: Emmanuel Panopio | Date: Tue, 23 Jan 2024 00:00:00 +0000

In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware.

Cloud Security Predictions at AWS re:Invent 2023

Credit to Author: Jon Clay | Date: Mon, 27 Nov 2023 00:00:00 +0000

Heading to AWS re:Invent 2023? Don’t miss out on our talk with Melinda Marks, ESG Practice Director for Cybersecurity, about cloud detection and response (CDR) and what’s trending in cloud security.

ALPHV/BlackCat Take Extortion Public

Credit to Author: Jon Clay | Date: Fri, 17 Nov 2023 00:00:00 +0000

Learn more about ALPHV filing a complaint with the Securities and Exchange Commission (SEC) against its victim, which appears to be an attempt to pressure MeridianLink into paying the ransom sooner rather than later.

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

Credit to Author: Sophia Nilette Robles | Date: Fri, 10 Nov 2023 00:00:00 +0000

We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations.

DarkGate Opens Organizations for Attack via Skype, Teams

Credit to Author: Trent Bessell | Date: Thu, 12 Oct 2023 00:00:00 +0000

We detail an ongoing campaign abusing the messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim's system, additional payloads are introduced into the environment.

Electric Power System Cybersecurity Vulnerabilities

Credit to Author: Mayumi Nishimura | Date: Fri, 06 Oct 2023 00:00:00 +0000

Digitalization has changed the business environment of the electric power industry, exposing it to a variety of threats. This webinar will help you uncover previously unnoticed threats and develop countermeasures and solutions.

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

Credit to Author: Hitomi Kimura | Date: Wed, 13 Sep 2023 00:00:00 +0000

In this blog, we investigate how threat actors used information-stealing malware signed with EV code signing certificates and later delivered ransomware payloads to their victims via the same delivery method.
