Credit to Author: Jon Clay| Date: Fri, 25 Nov 2022 00:00:00 +0000
INTERPOL recently conducted operation African Surge to take down malicious infrastructure across the African continent and requested the help of private enterprises. Trend Micro is proud to have been asked to participate, and provided global threat intelligence that was utilized in this operation.
Read moreCredit to Author: Don Ovid Ladores| Date: Wed, 23 Nov 2022 00:00:00 +0000
This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its encryption extension.
Read moreCredit to Author: Nick Dai| Date: Fri, 18 Nov 2022 00:00:00 +0000
We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that began in March. We also show the infection routines of the malware families they use to infect multiple sectors worldwide: TONEINS, TONESHELL, and PUBLOAD.
Read moreCredit to Author: Luis Magisa| Date: Wed, 16 Nov 2022 00:00:00 +0000
Open-source applications are a practical way to save money while keeping up with your productivity. However, this can be abused by threat actors to steal your data. Find out how one app was used to gather information of Apple users.
Read moreCredit to Author: Mickey Jin| Date: Fri, 11 Nov 2022 00:00:00 +0000
This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used to install software installer packages (PKG files).
Read moreCredit to Author: Hara Hiroaki| Date: Wed, 09 Nov 2022 00:00:00 +0000
We looked into the campaigns deployed by a new subgroup of advanced persistent threat (APT) group APT41, Earth Longzhi. This entry breaks down the technical details of the campaigns in full as presented at HITCON PEACE 2022 in August.
Read moreCredit to Author: Sunil Bharti| Date: Wed, 19 Oct 2022 00:00:00 +0000
Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines employed by cybercriminal group TeamTNT, which was said to have quit in November 2021. Our investigation shows that another threat actor group, WatchDog, might be mimicking TeamTNT’s arsenal.
Read moreCredit to Author: Feike Hacquebord| Date: Tue, 08 Nov 2022 00:00:00 +0000
This report provides defenders and security operations center teams with the technical details they need to know should they encounter the DeimosC2 C&C framework.
Read more