Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware

Credit to Author: Ian Kenefick | Date: Fri, 21 Jan 2022 00:00:00 +0000

We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection.

Cybersecurity for Industrial Control Systems: Part 2

Credit to Author: Ericka Pingol | Date: Thu, 20 Jan 2022 00:00:00 +0000

To cap off the series, we’ll discuss malware detection and distribution in various countries. Our team also rounds up several insights to help strengthen ICS cybersecurity and mitigate malware attacks.

Defending Users’ NAS Devices From Evolving Threats

Credit to Author: Stephen Hilt | Date: Thu, 20 Jan 2022 00:00:00 +0000

In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices.

Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques

Credit to Author: Joseph C Chen | Date: Mon, 17 Jan 2022 00:00:00 +0000

Our technical brief provides an in-depth look at Earth Lusca’s activities, the tools it employs in attacks, and the infrastructure it uses.

This Week in Security News – January 14, 2022

Credit to Author: Jon Clay | Date: Fri, 14 Jan 2022 00:00:00 +0000

This week, read about how crucial it is for security teams to adopt an integrated approach to threat detection, such as remote control, and Congress’s plan to update the Federal Information Security Management Act (FISMA) for the first time in eight years.

Cybersecurity for Industrial Control Systems: Part 1

Credit to Author: Trend Micro Research | Date: Sat, 15 Jan 2022 00:00:00 +0000

In this two-part series, we look into various cybersecurity threats that affected industrial control systems endpoints. We also discuss several insights and recommendations to mitigate such threats.

Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager

Credit to Author: Abraham Camba | Date: Fri, 17 Dec 2021 00:00:00 +0000

We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign.

A Look Into Purple Fox’s Server Infrastructure

Credit to Author: Jay Yaneza | Date: Mon, 13 Dec 2021 00:00:00 +0000

By examining Purple Fox’s routines and activities, both with our initial research and the subject matter we cover in this blog post, we hope to help incident responders, security operation centers (SOCs), and security researchers find and weed out Purple Fox infections in their network.
