trend micro research : research – Page 14 – Computer Security Articles

Credit to Author: Lucas Silva| Date: Fri, 30 Jun 2023 00:00:00 +0000

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.

Security TrendMicro

June 23, 2023 admin

An Overview of the Different Versions of the Trigona Ransomware

Credit to Author: Arianne Dela Cruz| Date: Fri, 23 Jun 2023 00:00:00 +0000

The Trigona ransomware is a relatively new ransomware family that began activities around late October 2022 — although samples of it existed as early as June 2022. Since then, Trigona’s operators have remained highly active, and in fact have been continuously updating their ransomware binaries.

Security TrendMicro

June 21, 2023 admin

Gaps in Azure Service Fabric’s Security Call for User Vigilance

Credit to Author: David Fiser| Date: Wed, 21 Jun 2023 00:00:00 +0000

In this blog post, we discuss different configuration scenarios that may lead to security issues with Azure Service Fabric, a distributed platform for deploying, managing, and scaling microservices and container applications.

Security TrendMicro

June 14, 2023 admin

Behind the Scenes: Unveiling the Hidden Workings of Earth Preta

Credit to Author: Sunny Lu| Date: Wed, 14 Jun 2023 00:00:00 +0000

This blog entry discusses the more technical details on the most recent tools, techniques, and procedures (TTPs) leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor.

Security TrendMicro

June 6, 2023 admin

Impulse Team’s Massive Years-Long Mostly-Undetected Cryptocurrency Scam

Credit to Author: Cedric Pernet| Date: Tue, 06 Jun 2023 00:00:00 +0000

We have been able to uncover a massive cryptocurrency scam involving more than a thousand websites handled by different affiliates linked to a program called Impulse Project, run by a threat actor named Impulse Team.

Security TrendMicro

June 6, 2023 admin

Xollam, the Latest Face of TargetCompany

Credit to Author: Earle Maui Earnshaw| Date: Tue, 06 Jun 2023 00:00:00 +0000

This blog talks about the latest TargetCompany ransomware variant, Xollam, and the new initial access technique it uses. We also investigate previous variants’ behaviors and the ransomware family’s extortion scheme.

Security TrendMicro

May 31, 2023 admin

Investigating BlackSuit Ransomware’s Similarities to Royal

Credit to Author: Katherine Casona| Date: Wed, 31 May 2023 00:00:00 +0000

In this blog entry, we analyze BlackSuit ransomware and how it compares to Royal Ransomware.

Security TrendMicro

May 30, 2023 admin

Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals

Credit to Author: Feike Hacquebord| Date: Tue, 30 May 2023 00:00:00 +0000

Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu’s motives seem to have changed since at least October 2022.