Credit to Author: Ryan Soliven| Date: Wed, 24 Aug 2022 00:00:00 +0000
We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware.
Read moreCredit to Author: William Malik| Date: Mon, 08 Aug 2022 00:00:00 +0000
Understand the cybersecurity risks in the Metaverse
Read moreCredit to Author: Nathaniel Morales| Date: Tue, 02 Aug 2022 00:00:00 +0000
This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be planning to expand its operations through these fraudulent apps and its recruitment of ransomware-as-a-service affiliates.
Read more
Credit to Author: Ivan Nicole Chavez| Date: Mon, 25 Jul 2022 00:00:00 +0000
In June 2022, LockBit revealed version 3.0 of its ransomware. In this blog entry, we discuss the findings from our own technical analysis of this variant and its behaviors, many of which are similar to those of the BlackMatter ransomware.
Read more
Credit to Author: Nathaniel Morales| Date: Wed, 06 Jul 2022 00:00:00 +0000
We recently found a new ransomware family, which we have dubbed as HavanaCrypt, that disguises itself as a legitimate Google Software Update application and uses a Microsoft web hosting service IP address as its command-and-control (C&C) server to circumvent detection.
Read more
In this three-part blog series, we’ll look into Data Distribution Service, why it is critical, and how you can mitigate risks associated with it.
Credit to Author: Kenneth Adrian Apostol| Date: Thu, 30 Jun 2022 00:00:00 +0000
We look into a recent attack orchestrated by the Black Basta ransomware ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightmare vulnerability to perform privileged file operations.
Read more
Credit to Author: Shingo Matsugaya| Date: Mon, 27 Jun 2022 00:00:00 +0000
We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June 27, 2022.
Read more
Credit to Author: Don Ovid Ladores| Date: Wed, 08 Jun 2022 00:00:00 +0000
Trend Micro Research observed the resurgence of the Cuba ransomware group that launched a new malware variant using different infection techniques compared to past iterations. We discuss our initial findings in this report.
Read more