Credit to Author: Trend Micro Research| Date: Tue, 07 Feb 2023 00:00:00 +0000
In this investigation, we analyzed several prominent “passive income” applications and found out that there may be security risks upon participating in these programs.
Read moreCredit to Author: Stephen Hilt| Date: Thu, 02 Feb 2023 00:00:00 +0000
We analyze a BEC campaign targeting large companies around the world that was leveraging open-source tools to stay under the radar.
Read moreCredit to Author: Nathaniel Morales| Date: Thu, 26 Jan 2023 00:00:00 +0000
Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage.
Read moreCredit to Author: Ieriz Nicolle Gonzalez| Date: Tue, 24 Jan 2023 00:00:00 +0000
In this blog entry, we’d like to highlight our findings on Vice Society, which includes an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry.
Read moreCredit to Author: Fyodor Yarochkin| Date: Wed, 18 Jan 2023 00:00:00 +0000
In this entry, we discuss a Web3 fraud scenario where scammers target potential victims via fake smart contracts, and then take over their digital assets, such as NFT tokens, without paying. We named this scam “Payzero”.
Read moreCredit to Author: Junestherry Dela Cruz| Date: Tue, 17 Jan 2023 00:00:00 +0000
We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events (This is the intrusion set we track behind the creation of Batloader).
Read moreCredit to Author: Hitomi Kimura| Date: Mon, 09 Jan 2023 00:00:00 +0000
We analyzed the infection routine used in recent Gootkit loader attacks on the Australian healthcare industry and found that Gootkit leveraged SEO poisoning for its initial access and abused legitimate tools like VLC Media Player.
Read moreCredit to Author: Armando Nathaniel Pedragoza| Date: Thu, 05 Jan 2023 00:00:00 +0000
The Dridex variant we analyzed targets MacOS platforms with a new technique to deliver documents embedded with malicious macros to users.
Read moreCredit to Author: Matsukawa Bakuei| Date: Tue, 20 Dec 2022 00:00:00 +0000
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks.
Read moreCredit to Author: Mickey Jin| Date: Wed, 21 Dec 2022 00:00:00 +0000
This blog entry discusses the technical details of how we exploited CVE-2022-22583 using a different method. We also tackle the technical details of CVE-2022-32800, another SIP-bypass that we discovered more recently, in this report.
Read more