Rapture, a Ransomware Family With Similarities to Paradise

Credit to Author: Don Ovid Ladores | Date: Fri, 28 Apr 2023 00:00:00 +0000

In March and April 2023, we observed a type of ransomware targeting its victims via a minimalistic approach with tools that leave only a minimal footprint behind. Our findings revealed many of the preparations made by the perpetrators and how quickly they managed to carry out the ransomware attack.


S4x23 Review Part 3: Healthcare Cybersecurity Sessions

Credit to Author: Kazuhisa Tagaya | Date: Mon, 20 Mar 2023 00:00:00 +0000

This article focuses on the healthcare sector. Over the past two years, the healthcare sector has been in a constant state of emergency due to the COVID-19 pandemic, and as widely reported in the media, it has also been threatened by cyberattacks such as ransomware.


Examining Ransomware Payments From a Data-Science Lens

Credit to Author: Vladimir Kropotov | Date: Thu, 09 Mar 2023 00:00:00 +0000

In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups’ ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.”


Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks

Credit to Author: Vladimir Kropotov | Date: Thu, 02 Mar 2023 00:00:00 +0000

In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups’ targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.”


Royal Ransomware expands attacks by targeting Linux ESXi servers

Credit to Author: Nathaniel Morales | Date: Mon, 20 Feb 2023 00:00:00 +0000

Ransomware actors have been observed expanding their targets by increasingly developing Linux-based versions. Royal ransomware is following the same path: a new variant targeting Linux systems has emerged, and we will provide a technical analysis of this variant in this blog.


New Mimic Ransomware Abuses Everything APIs for its Encryption Process

Credit to Author: Nathaniel Morales | Date: Thu, 26 Jan 2023 00:00:00 +0000

Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage.


Vice Society Ransomware Group Targets Manufacturing Companies

Credit to Author: Ieriz Nicolle Gonzalez | Date: Tue, 24 Jan 2023 00:00:00 +0000

In this blog entry, we’d like to highlight our findings on Vice Society, which include an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry.


Conti Team One Splinter Group Resurfaces as Royal Ransomware with Callback Phishing Attacks

Credit to Author: Ivan Nicole Chavez | Date: Wed, 21 Dec 2022 00:00:00 +0000

From September to December, we detected multiple attacks from the Royal ransomware group. In this blog entry, we discuss findings from our investigation of this ransomware and the tools that Royal ransomware actors used to carry out their attacks.


Agenda Ransomware Uses Rust to Target More Vital Industries

Credit to Author: Nathaniel Morales | Date: Fri, 16 Dec 2022 00:00:00 +0000

This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Like its Go counterpart, Agenda’s Rust variant has targeted vital industries. In this blog, we will discuss how the Rust variant works.
