Credit to Author: Adolph Christian Silverio| Date: Thu, 19 May 2022 00:00:00 +0000
During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed both old and new techniques to trick their intended victims into accessing malicious links and enabling macro content.
Read more
Credit to Author: Buddy Tancio| Date: Wed, 18 May 2022 00:00:00 +0000
Trend Micro’s Managed XDR team addressed a Kingminer botnet attack conducted through an SQL exploit. We discuss our findings and analysis in this report.
Read more
Credit to Author: Cifer Fang| Date: Mon, 16 May 2022 00:00:00 +0000
We recently observed a number of apps on Google Play designed to perform malicious activities such as stealing user credentials and other sensitive user information, including private keys.
Read more
Credit to Author: Ieriz Nicolle Gonzalez| Date: Mon, 09 May 2022 00:00:00 +0000
We analyze the Black Basta ransomware and examine the malicious actor’s familiar infection tactics.
Read more
Credit to Author: Aliakbar Zahravi| Date: Thu, 05 May 2022 00:00:00 +0000
This report focuses on the components and infection chain of the NetDooka framework. Its scope ranges from the release of the first payload up until the release of the final RAT that is protected by a kernel driver.
Read more
Credit to Author: Daniel Lunghi| Date: Wed, 27 Apr 2022 00:00:00 +0000
We recently found a new advanced persistent threat (APT) group that we have dubbed Earth Berberoka (aka GamblingPuppet). This APT group targets gambling websites on Windows, macOS, and Linux platforms using old and new malware families.
Read more
Credit to Author: Nitesh Surana| Date: Wed, 20 Apr 2022 00:00:00 +0000
Recently, we observed attempts to exploit the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — by malicious actors to deploy cryptocurrency miners.
Read more
Credit to Author: Nitesh Surana| Date: Wed, 20 Apr 2022 00:00:00 +0000
Recently, we observed the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — being actively exploited by malicious actors to deploy cryptocurrency miners.
Read more
Researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from a security angle. The full findings of this research will be presented in the S4X22 Conference in April 2022.
Credit to Author: Lucas Silva| Date: Mon, 18 Apr 2022 00:00:00 +0000
We recently investigated a case related to the BlackCat ransomware group using the Trend Micro Vision One™ platform, which comes with extended detection and response (XDR) capabilities. BlackCat (aka AlphaVM or AlphaV) is a ransomware family created in the Rust programming language and operated under a ransomware-as-a-service (RaaS) model.
Read more