Credit to Author: Ieriz Nicolle Gonzalez| Date: Tue, 24 Jan 2023 00:00:00 +0000
In this blog entry, we’d like to highlight our findings on Vice Society, which includes an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry.
Read moreCredit to Author: Fyodor Yarochkin| Date: Wed, 18 Jan 2023 00:00:00 +0000
In this entry, we discuss a Web3 fraud scenario where scammers target potential victims via fake smart contracts, and then take over their digital assets, such as NFT tokens, without paying. We named this scam “Payzero”.
Read moreCredit to Author: Junestherry Dela Cruz| Date: Tue, 17 Jan 2023 00:00:00 +0000
We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events (This is the intrusion set we track behind the creation of Batloader).
Read moreCredit to Author: Hitomi Kimura| Date: Mon, 09 Jan 2023 00:00:00 +0000
We analyzed the infection routine used in recent Gootkit loader attacks on the Australian healthcare industry and found that Gootkit leveraged SEO poisoning for its initial access and abused legitimate tools like VLC Media Player.
Read moreCredit to Author: Armando Nathaniel Pedragoza| Date: Thu, 05 Jan 2023 00:00:00 +0000
The Dridex variant we analyzed targets MacOS platforms with a new technique to deliver documents embedded with malicious macros to users.
Read moreCredit to Author: Matsukawa Bakuei| Date: Tue, 20 Dec 2022 00:00:00 +0000
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks.
Read moreCredit to Author: Mickey Jin| Date: Wed, 21 Dec 2022 00:00:00 +0000
This blog entry discusses the technical details of how we exploited CVE-2022-22583 using a different method. We also tackle the technical details of CVE-2022-32800, another SIP-bypass that we discovered more recently, in this report.
Read moreCredit to Author: Matsukawa Bakuei| Date: Tue, 20 Dec 2022 00:00:00 +0000
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks.
Read moreCredit to Author: Mickey Jin| Date: Tue, 20 Dec 2022 00:00:00 +0000
More than two years ago, a researcher, A2nkF demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to arbitrary kernel extension loading. In this blog entry, we will discuss how we discovered 3 more vulnerabilities from the old exploit chain.
Read moreCredit to Author: Sherif Magdy| Date: Mon, 19 Dec 2022 00:00:00 +0000
In this blog entry, we discuss the reasons why malicious actors choose to and opt not to pursue kernel-level access in their attacks. It also provides an overview of kernel-level threats that have been publicly reported from April 2015 to October 2022.
Read more