Cloud-ready and Channel-first
Credit to Author: Mike Milner | Date: Mon, 06 Feb 2023 00:00:00 +0000
Trend Micro named one of 2023’s coolest cloud security companies
Credit to Author: Stephen Hilt | Date: Thu, 02 Feb 2023 00:00:00 +0000
We analyze a BEC campaign targeting large companies around the world that was leveraging open-source tools to stay under the radar.
Credit to Author: Mohamed Fahmy | Date: Thu, 02 Feb 2023 00:00:00 +0000
We analyze an infection campaign targeting organizations in the Middle East for cyberespionage in December 2022 using a new backdoor malware. The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers.
Credit to Author: Nathaniel Morales | Date: Thu, 26 Jan 2023 00:00:00 +0000
Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage.
Credit to Author: David Fiser | Date: Wed, 25 Jan 2023 00:00:00 +0000
In this proof of concept, we look into one of several attack vectors that can be abused to attack the supply chain: targeting the developer. With a focus on the local integrated development environment (IDE), this proof of concept considers the execution of malicious build scripts through injected commands when the project or build is incorrectly “trusted”.
Credit to Author: Ieriz Nicolle Gonzalez | Date: Tue, 24 Jan 2023 00:00:00 +0000
In this blog entry, we’d like to highlight our findings on Vice Society, which include an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry.
Credit to Author: Fyodor Yarochkin | Date: Wed, 18 Jan 2023 00:00:00 +0000
In this entry, we discuss a Web3 fraud scenario where scammers target potential victims via fake smart contracts, and then take over their digital assets, such as NFT tokens, without paying. We named this scam “Payzero”.
Credit to Author: Junestherry Dela Cruz | Date: Tue, 17 Jan 2023 00:00:00 +0000
We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events (Water Minyades is the intrusion set we track behind the creation of Batloader).
Credit to Author: Peter Girnus | Date: Tue, 17 Jan 2023 00:00:00 +0000
We discovered an active campaign, ongoing since at least mid-2022, that uses Middle Eastern geopolitical-themed lures to distribute NjRAT (also known as Bladabindi) to infect victims across the Middle East and North Africa.
Credit to Author: Nitesh Surana | Date: Mon, 16 Jan 2023 00:00:00 +0000
Proof of Concept (POC): We investigate one of GitHub Codespaces’ real-time code development and collaboration features that attackers can abuse for cloud-based trusted malware delivery. Once exploited, malicious actors can abuse legitimate GitHub accounts to create a malware file server.