Credit to Author: Vincenzo Ciancaglini| Date: Tue, 21 Feb 2023 00:00:00 +0000
Amidst the uproar and opinions since November 2022, we look at the possibilities and implications of what OpenAI’s ChatGPT presents to the cybersecurity industry using a comparison to earlier products, like its predecessor GPT-3.
Read moreCredit to Author: Joseph C Chen| Date: Fri, 17 Feb 2023 00:00:00 +0000
We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as Earth Kitsune, which we have covered before. Since 2019, Earth Kitsune has been distributing variants of self-developed backdoors to targets, primarily individuals who are interested in North Korea.
Read moreCredit to Author: Jon Clay| Date: Wed, 01 Feb 2023 00:00:00 +0000
Stay informed and stay ahead
Read moreCredit to Author: Fyodor Yarochkin| Date: Wed, 18 Jan 2023 00:00:00 +0000
In this entry, we discuss a Web3 fraud scenario where scammers target potential victims via fake smart contracts, and then take over their digital assets, such as NFT tokens, without paying. We named this scam “Payzero”.
Read moreCredit to Author: Ivan Nicole Chavez| Date: Wed, 21 Dec 2022 00:00:00 +0000
From September to December, we detected multiple attacks from the Royal ransomware group. In this blog entry, we discuss findings from our investigation of this ransomware and the tools that Royal ransomware actors used to carry out their attacks.
Read moreCredit to Author: Jon Clay| Date: Thu, 15 Dec 2022 00:00:00 +0000
Trend Micro’s participation in Google’s App Defense Alliance will ensure the security of customers by preventing malicious apps from being made available on the Google Play Store.
Read moreCredit to Author: Joseph C Chen| Date: Wed, 05 Oct 2022 00:00:00 +0000
In the second part of our Water Labbu blog series, we explore how the threat actor exploits Electron-based applications using Cobalt Strike to deploy backdoors.
Read moreCredit to Author: CH Lei| Date: Tue, 04 Oct 2022 00:00:00 +0000
For over 10 years, security researchers have been observing and keeping tabs of APT group Earth Aughisky’s malware families and the connections, including previously documented malware that have yet to be attributed.
Read moreCredit to Author: Joseph C Chen| Date: Mon, 03 Oct 2022 00:00:00 +0000
The parasitic Water Labbu capitalizes on the social engineering schemes of other scammers, injecting malicious JavaScript code into their malicious decentralized application websites to steal cryptocurrency.
Read moreCredit to Author: David Fiser| Date: Wed, 17 Aug 2022 00:00:00 +0000
While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows.
Read more