QR Codes: Convenience or Cyberthreat?
Credit to Author: Sara Atie| Date: Tue, 23 Jul 2024 00:00:00 +0000
Security awareness and measures to detect and prevent sophisticated risks associated with QR code-based phishing attacks (quishing)
Read moretrend micro research : ransomware
Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma
Credit to Author: Cj Arsley Mateo| Date: Fri, 19 Jul 2024 00:00:00 +0000
Trend Micro threat hunters discovered that the Play ransomware group has been deploying a new Linux variant that targets ESXi environments. Read our blog entry to know more.
Read moreTargetCompany’s Linux Variant Targets ESXi Environments
Credit to Author: Darrel Tristan Virtusio| Date: Wed, 05 Jun 2024 00:00:00 +0000
In this blog entry, our researchers provide an analysis of TargetCompany ransomware’s Linux variant and how it targets VMware ESXi environments using new methods for payload delivery and execution.
Read moreUnveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption
Credit to Author: Christopher Boyton| Date: Wed, 03 Apr 2024 00:00:00 +0000
Our new article provides key highlights and takeaways from Operation Cronos’ disruption of LockBit’s operations, as well as telemetry details on how LockBit actors operated post-disruption.
Read moreAgenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script
Credit to Author: Arianne Dela Cruz| Date: Tue, 26 Mar 2024 00:00:00 +0000
This blog entry discusses the Agenda ransomware group’s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers.
Read moreTeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
Credit to Author: Junestherry Dela Cruz| Date: Tue, 19 Mar 2024 00:00:00 +0000
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
Read moreMultistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO
Credit to Author: Nathaniel Morales| Date: Mon, 04 Mar 2024 00:00:00 +0000
The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact.
Read moreThreat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities
Credit to Author: Ian Kenefick| Date: Tue, 27 Feb 2024 00:00:00 +0000
This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry.
Read more