S4x23 Review Part 3: Healthcare Cybersecurity Sessions

Credit to Author: Kazuhisa Tagaya| Date: Mon, 20 Mar 2023 00:00:00 +0000

This article focuses on the healthcare sector. Over the past two years, the healthcare sector has been in a constant state of emergency due to the COVID-19 pandemic, and as widely reported in the media, it has also been threatened by cyberattacks such as ransomware.


Examining Ransomware Payments From a Data-Science Lens

Credit to Author: Vladimir Kropotov| Date: Thu, 09 Mar 2023 00:00:00 +0000

In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups’ ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.”


Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks

Credit to Author: Vladimir Kropotov| Date: Thu, 02 Mar 2023 00:00:00 +0000

In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups’ targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.”


Royal Ransomware expands attacks by targeting Linux ESXi servers

Credit to Author: Nathaniel Morales| Date: Mon, 20 Feb 2023 00:00:00 +0000

Ransomware actors have been observed expanding their targets by increasingly developing Linux-based versions. Royal ransomware is following the same path: a new variant targeting Linux systems has emerged, and we provide a technical analysis of this variant in this blog.


New Mimic Ransomware Abuses Everything APIs for its Encryption Process

Credit to Author: Nathaniel Morales| Date: Thu, 26 Jan 2023 00:00:00 +0000

Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage.


Vice Society Ransomware Group Targets Manufacturing Companies

Credit to Author: Ieriz Nicolle Gonzalez| Date: Tue, 24 Jan 2023 00:00:00 +0000

In this blog entry, we’d like to highlight our findings on Vice Society, which include an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry.


Conti Team One Splinter Group Resurfaces as Royal Ransomware with Callback Phishing Attacks

Credit to Author: Ivan Nicole Chavez| Date: Wed, 21 Dec 2022 00:00:00 +0000

From September to December, we detected multiple attacks from the Royal ransomware group. In this blog entry, we discuss findings from our investigation of this ransomware and the tools that Royal ransomware actors used to carry out their attacks.


Agenda Ransomware Uses Rust to Target More Vital Industries

Credit to Author: Nathaniel Morales| Date: Fri, 16 Dec 2022 00:00:00 +0000

This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda’s Rust variant has targeted vital industries like its Go counterpart. In this blog, we will discuss how the Rust variant works.


Ransomware Business Models: Future Pivots and Trends

Credit to Author: Feike Hacquebord| Date: Thu, 15 Dec 2022 00:00:00 +0000

Ransomware groups and their business models are expected to change from what we know to date. In this blog entry, we draw on some of our insights to summarize the triggers that spark small changes in the short term (“evolutions”) and the bigger deviations (“revolutions”) toward which these groups can redirect their criminal enterprises in the long run.
