Credit to Author: Ian Kenefick| Date: Mon, 13 Mar 2023 00:00:00 +0000
Following a three-month hiatus, Emotet spam activities resumed in March 2023, when a botnet known as Epoch 4 began delivering malicious documents embedded in Zip files that were attached to the emails.
Read moreCredit to Author: Vladimir Kropotov| Date: Thu, 09 Mar 2023 00:00:00 +0000
In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups’ ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.”
Read moreCredit to Author: Vladimir Kropotov| Date: Thu, 02 Mar 2023 00:00:00 +0000
In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups’ targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.”
Read moreCredit to Author: Ryan Soliven| Date: Thu, 02 Mar 2023 00:00:00 +0000
Find out how the Managed XDR team uncovered RedLine Stealer’s evasive spear-phishing campaign that targets the hospitality industry.
Read moreCredit to Author: Buddy Tancio| Date: Fri, 24 Feb 2023 00:00:00 +0000
Trend Micro’s Managed Extended Detection and Response (MxDR) team discovered that a file called x32dbg.exe was used to sideload a malicious DLL we identified as a variant of PlugX.
Read moreCredit to Author: Nathaniel Morales| Date: Mon, 20 Feb 2023 00:00:00 +0000
Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following in the same path, a new variant targeting Linux systems emerged and we will provide a technical analysis on this variant in this blog.
Read moreCredit to Author: Joseph C Chen| Date: Fri, 17 Feb 2023 00:00:00 +0000
We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as Earth Kitsune, which we have covered before. Since 2019, Earth Kitsune has been distributing variants of self-developed backdoors to targets, primarily individuals who are interested in North Korea.
Read moreCredit to Author: Ted Lee| Date: Wed, 08 Feb 2023 00:00:00 +0000
In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Asian firms similar to another well-known threat actor. In this article, we unravel their new tactics, techniques and procedures that they apply on their misdeeds.
Read moreCredit to Author: Aliakbar Zahravi| Date: Thu, 09 Feb 2023 00:00:00 +0000
We discovered an active campaign targeting Eastern Europeans in the cryptocurrency industry using fake job lures.
Read moreCredit to Author: Ted Lee| Date: Wed, 08 Feb 2023 00:00:00 +0000
In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Vietnam’s telecom, technology, and media sectors similar to another well-known threat actor. In this article, we unravel their new tactics, techniques and procedures that they apply on their misdeeds.
Read more