Credit to Author: Sherif Magdy| Date: Mon, 19 Dec 2022 00:00:00 +0000
In this blog entry, we discuss the reasons why malicious actors choose to and opt not to pursue kernel-level access in their attacks. It also provides an overview of kernel-level threats that have been publicly reported from April 2015 to October 2022.
Read moreCredit to Author: Nathaniel Morales| Date: Fri, 16 Dec 2022 00:00:00 +0000
This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda’s Rust variant has targeted vital industries like its Go counterpart. In this blog, we will discuss how the Rust variant works.
Read moreCredit to Author: Feike Hacquebord| Date: Thu, 15 Dec 2022 00:00:00 +0000
Ransomware groups and their business models are expected to change from what and how we know it to date. In this blog entry, we summarize from some of our insights the triggers that spark the small changes in the short term (“evolutions”) and the bigger deviations (“revolutions”) they can redirect their criminal enterprises to in the long run.
Read moreCredit to Author: Jaromir Horejsi| Date: Wed, 14 Dec 2022 00:00:00 +0000
This report examines the infection chain and the pieces of malware used by malicious actors in supply-chain attacks that leveraged trojanized installers of chat-based customer engagement platforms.
Read moreCredit to Author: David Fiser| Date: Mon, 12 Dec 2022 00:00:00 +0000
We intercepted a cryptocurrency mining attack that incorporated an advanced remote access trojan (RAT) named the CHAOS Remote Administrative Tool.
Read moreCredit to Author: Don Ovid Ladores| Date: Wed, 23 Nov 2022 00:00:00 +0000
This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its encryption extension.
Read moreCredit to Author: Nick Dai| Date: Fri, 18 Nov 2022 00:00:00 +0000
We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that began in March. We also show the infection routines of the malware families they use to infect multiple sectors worldwide: TONEINS, TONESHELL, and PUBLOAD.
Read moreCredit to Author: Mayumi Nishimura| Date: Wed, 16 Nov 2022 00:00:00 +0000
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations.
Read moreCredit to Author: Mickey Jin| Date: Fri, 11 Nov 2022 00:00:00 +0000
This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used to install software installer packages (PKG files).
Read moreCredit to Author: Feike Hacquebord| Date: Tue, 08 Nov 2022 00:00:00 +0000
This report provides defenders and security operations center teams with the technical details they need to know should they encounter the DeimosC2 C&C framework.
Read more