Credit to Author: Kenneth Adrian Apostol| Date: Thu, 30 Jun 2022 00:00:00 +0000
We look into a recent attack orchestrated by the Black Basta ransomware ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightmare vulnerability to perform privileged file operations.
Read more
Credit to Author: Mohamed Fahmy| Date: Tue, 28 Jun 2022 00:00:00 +0000
We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being exfiltrated from the infected systems. However, we also found that some of the victims were infected with ransomware days after the data exfiltration.
Read more
Credit to Author: Shingo Matsugaya| Date: Mon, 27 Jun 2022 00:00:00 +0000
We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June 27, 2022.
Read more
Credit to Author: William Malik| Date: Fri, 24 Jun 2022 00:00:00 +0000
Why cybersecurity is the first step to private network deployment
Read more
Credit to Author: Hiroyuki Ueno| Date: Wed, 15 Jun 2022 00:00:00 +0000
Learn about the state of OT Security in 2022 by reading the key insights found through surveying more than 900 ICS business and security leaders in the US, Germany and Japan.
Read more
Credit to Author: Don Ovid Ladores| Date: Wed, 08 Jun 2022 00:00:00 +0000
Trend Micro Research observed the resurgence of the Cuba ransomware group that launched a new malware variant using different infection techniques compared to past iterations. We discuss our initial findings in this report.
Read more
In this report, we investigate the reasons that the DeadBolt ransomware family is more problematic for its victims than other ransomware families that previously targeted NAS devices.
Credit to Author: Ieriz Nicolle Gonzalez| Date: Thu, 02 Jun 2022 00:00:00 +0000
The Trend Micro Threat Hunting team recently analyzed a series of CMD-based ransomware variants with a number capabilities such as stealing user information, bypassing remote desktop connections, and propagating through email and physical drives.
Read more
Credit to Author: Paul Pajares| Date: Thu, 02 Jun 2022 00:00:00 +0000
Nigeria’s Economic and Financial Crimes Commission (EFCC) arrested three suspected scammers from Nigeria who were involved in global scamming campaigns via a sting operation that is part of Operation Killer Bee. Trend Micro provided information on the group and their modus operandi.
Read more
Credit to Author: Arianne Dela Cruz| Date: Wed, 25 May 2022 00:00:00 +0000
New findings showed that Cheerscrypt, a new Linux-based ransomware variant that compromises ESXi servers, was derived from the leaked Babuk source code. We discuss our analysis in this report.
Read more