100 Quarters of Profitability: Insights from a Trender
Credit to Author: Jon Clay | Date: Tue, 14 Nov 2023 00:00:00 +0000
Learn what 100 straight quarters of profitability means to a Trender who has been here for every one of them.
Credit to Author: Trent Bessell | Date: Thu, 12 Oct 2023 00:00:00 +0000
We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment.
Credit to Author: Aliakbar Zahravi | Date: Thu, 05 Oct 2023 00:00:00 +0000
This entry delves into threat actors’ intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.
Credit to Author: Mohamed Fahmy | Date: Fri, 29 Sep 2023 00:00:00 +0000
We observed and tracked the advanced persistent threat (APT) group APT34 with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.
Credit to Author: Srivathsa Sharma | Date: Fri, 22 Sep 2023 00:00:00 +0000
We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group.
Credit to Author: Salim S.I. | Date: Wed, 20 Sep 2023 00:00:00 +0000
Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as the defense, utilities, and medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack against private 5G networks.
Credit to Author: Ed Cabrera | Date: Fri, 08 Sep 2023 00:00:00 +0000
Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals means for CISOs and board members.
Credit to Author: Ted Lee | Date: Wed, 30 Aug 2023 00:00:00 +0000
We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments and organizations in the technology sector.
Credit to Author: Don Ovid Ladores | Date: Mon, 07 Aug 2023 00:00:00 +0000
In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of the fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems.
Credit to Author: Fernando Merces | Date: Thu, 13 Jul 2023 00:00:00 +0000
An analysis of the different variants of the backdoor BPFDoor used by the advanced persistent threat (APT) group Red Menshen, and how it has evolved since it was first documented in 2021.