A Better Way to Secure Servers & Cloud Workloads
Credit to Author: Joyce Huang| Date: Tue, 01 Aug 2023 00:00:00 +0000
Why endpoint security falls short in the complexity of modern IT infrastructure
Credit to Author: Daniel Lunghi| Date: Fri, 14 Jul 2023 00:00:00 +0000
We recently found that a modified installer of the E-Office app used by the Pakistani government delivered a Shadowpad sample, suggesting a possible supply-chain attack.
Credit to Author: Daniel Lunghi| Date: Fri, 14 Jul 2023 00:00:00 +0000
We recently found that an MSI installer built by the National Information Technology Board (NITB), a Pakistani government entity, delivered a Shadowpad sample, suggesting a possible supply-chain attack.
Credit to Author: Jon Clay| Date: Thu, 13 Jul 2023 00:00:00 +0000
Embracing a platform approach as the path to enhanced security and resilience
Credit to Author: Fernando Merces| Date: Thu, 13 Jul 2023 00:00:00 +0000
An analysis of the different variants of the BPFDoor backdoor used by advanced persistent threat (APT) group Red Menshen, and how the backdoor has evolved since it was first documented in 2021.
Credit to Author: Ieriz Nicolle Gonzalez| Date: Fri, 07 Jul 2023 00:00:00 +0000
We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware.
Credit to Author: Joyce Huang| Date: Thu, 06 Jul 2023 00:00:00 +0000
To combat complexity and achieve optimal security outcomes, there are four key factors an organization should consider when evaluating its endpoint security.
Credit to Author: Lucas Silva| Date: Fri, 30 Jun 2023 00:00:00 +0000
We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.