Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement

Credit to Author: Joseph C Chen | Date: Mon, 18 Sep 2023 00:00:00 +0000

While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor’s server — a Linux-based malware that appears to originate from the open-source Windows backdoor Trochilus. We’ve dubbed it SprySOCKS due to its swift behavior and SOCKS implementation.


Biden National Cybersecurity Strategy Key Takeaways

Credit to Author: Jon Clay | Date: Fri, 15 Sep 2023 00:00:00 +0000

Major changes are underway, with new rules for federal agencies and updated requirements for public-private partnerships. We discuss the implementation plans for the strategy’s first two pillars: defend critical infrastructure and disrupt and dismantle threat actors.


RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

Credit to Author: Hitomi Kimura | Date: Wed, 13 Sep 2023 00:00:00 +0000

In this blog, we investigate how threat actors used information-stealing malware signed with EV code signing certificates and later delivered ransomware payloads to the same victims via the same delivery method.


TrickBot & Conti Sanctions: Implications for CISOs & Boardrooms

Credit to Author: Ed Cabrera | Date: Fri, 08 Sep 2023 00:00:00 +0000

Discover what the increased regulatory risk resulting from recent US and UK sanctions imposed on TrickBot and Conti cybercriminals means for CISOs and board members.


Analyzing a Facebook Profile Stealer Written in Node.js

Credit to Author: Jaromir Horejsi | Date: Tue, 05 Sep 2023 00:00:00 +0000

We analyze an information stealer written in Node.js and packaged into an executable. It exfiltrates stolen data via both the Telegram bot API and a C&C server, and employs GraphQL as a channel for C&C communication.


Revisiting 16shop Phishing Kit, Trend-Interpol Partnership

Credit to Author: Paul Pajares | Date: Fri, 01 Sep 2023 00:00:00 +0000

In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign.


IT & OT security: How to Bridge the Gap

Credit to Author: William Malik | Date: Thu, 31 Aug 2023 00:00:00 +0000

Connecting IT and OT environments can give industrial organizations powerful efficiencies, but it also introduces cybersecurity challenges. A new Trend Micro/SANS Institute report gets at the heart of those IT and OT security issues—and how to address them.
