Web3 IPFS Only Used for Phishing – So Far
Credit to Author: Matsukawa Bakuei| Date: Tue, 20 Dec 2022 00:00:00 +0000
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks.
Credit to Author: Mickey Jin| Date: Tue, 20 Dec 2022 00:00:00 +0000
More than two years ago, a researcher, A2nkF, demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to arbitrary kernel extension loading. In this blog entry, we will discuss how we discovered 3 more vulnerabilities from the old exploit chain.
Credit to Author: Sherif Magdy| Date: Mon, 19 Dec 2022 00:00:00 +0000
In this blog entry, we discuss the reasons why malicious actors choose to pursue, or opt not to pursue, kernel-level access in their attacks. It also provides an overview of kernel-level threats that have been publicly reported from April 2015 to October 2022.
Credit to Author: Nathaniel Morales| Date: Fri, 16 Dec 2022 00:00:00 +0000
This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda’s Rust variant has targeted vital industries like its Go counterpart. In this blog, we will discuss how the Rust variant works.
Credit to Author: Feike Hacquebord| Date: Thu, 15 Dec 2022 00:00:00 +0000
Ransomware groups and their business models are expected to change from what we know to date. In this blog entry, we summarize, from some of our insights, the triggers that spark small changes in the short term (“evolutions”) and the bigger deviations (“revolutions”) toward which they can redirect their criminal enterprises in the long run.
Credit to Author: Jaromir Horejsi| Date: Wed, 14 Dec 2022 00:00:00 +0000
This report examines the infection chain and the pieces of malware used by malicious actors in supply-chain attacks that leveraged trojanized installers of chat-based customer engagement platforms.
Credit to Author: David Fiser| Date: Mon, 12 Dec 2022 00:00:00 +0000
We intercepted a cryptocurrency mining attack that incorporated an advanced remote access trojan (RAT) named the CHAOS Remote Administrative Tool.
Credit to Author: Don Ovid Ladores| Date: Wed, 23 Nov 2022 00:00:00 +0000
This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its encryption extension.
Credit to Author: Nick Dai| Date: Fri, 18 Nov 2022 00:00:00 +0000
We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that began in March. We also show the infection routines of the malware families they use to infect multiple sectors worldwide: TONEINS, TONESHELL, and PUBLOAD.
Credit to Author: Mayumi Nishimura| Date: Wed, 16 Nov 2022 00:00:00 +0000
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations.