Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool

Credit to Author: Buddy Tancio| Date: Fri, 24 Feb 2023 00:00:00 +0000

Trend Micro’s Managed Extended Detection and Response (MxDR) team discovered that a file called x32dbg.exe was used to sideload a malicious DLL we identified as a variant of PlugX.

In Review: What GPT-3 Taught ChatGPT in a Year

Credit to Author: Vincenzo Ciancaglini| Date: Tue, 21 Feb 2023 00:00:00 +0000

Amidst the uproar and opinions since November 2022, we look at the possibilities and implications of what OpenAI’s ChatGPT presents to the cybersecurity industry using a comparison to earlier products, like its predecessor GPT-3.

Royal Ransomware expands attacks by targeting Linux ESXi servers

Credit to Author: Nathaniel Morales| Date: Mon, 20 Feb 2023 00:00:00 +0000

Ransomware actors have been observed expanding their targets by increasingly developing Linux-based versions. Royal ransomware is following the same path: a new variant targeting Linux systems has emerged, and we provide a technical analysis of this variant in this blog.

Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack

Credit to Author: Joseph C Chen| Date: Fri, 17 Feb 2023 00:00:00 +0000

We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as Earth Kitsune, which we have covered before. Since 2019, Earth Kitsune has been distributing variants of self-developed backdoors to targets, primarily individuals who are interested in North Korea.

Earth Zhulong: Familiar Patterns Target Southeast Asian Firms

Credit to Author: Ted Lee| Date: Wed, 08 Feb 2023 00:00:00 +0000

In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Asian firms similar to another well-known threat actor. In this article, we unravel the new tactics, techniques, and procedures that they apply in their misdeeds.

Lower Data Breach Insurance Costs with These Tips

Credit to Author: Vince Kearns| Date: Thu, 16 Feb 2023 00:00:00 +0000

The changing attack landscape has resulted in the hardening of the data breach insurance market. Gain insight into how implementing security controls can reduce the mean time to detect and control the costliness of an attack.

Invitation to a Secret Event: Uncovering Earth Yako’s Campaigns

Credit to Author: Hara Hiroaki| Date: Thu, 16 Feb 2023 00:00:00 +0000

We detail the intrusion set Earth Yako, attributed to the campaign Operation RestyLink or EneLink. This analysis was presented in full at JSAC 2023 in January 2023.

5 Cloud Security Challenges Solved by CNAPP

Credit to Author: Michael Langford| Date: Tue, 14 Feb 2023 00:00:00 +0000

Configuration errors are a major cause of cloud security challenges for modern DevOps teams, introducing a new attack surface with numerous potential points of vulnerability. Read on to discover some of the most common errors and learn how to resolve them.
