Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks

Credit to Author: Joseph C Chen| Date: Mon, 18 Mar 2024 00:00:00 +0000

Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus on Southeast Asia, but also seen targeting Europe, America, and Africa.

CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign

Credit to Author: Peter Girnus| Date: Wed, 13 Mar 2024 00:00:00 +0000

In addition to our Water Hydra APT zero-day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign, which we discovered in mid-January 2024, where DarkGate operators exploited CVE-2024-21412.

A Necessary Digital Odyssey of RPA and AI/ML at HUD

Credit to Author: David Chow| Date: Wed, 13 Mar 2024 00:00:00 +0000

Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations.

Unveiling Earth Kapre aka RedCurl’s Cyberespionage Tactics With Trend Micro MDR, Threat Intelligence

Credit to Author: Buddy Tancio| Date: Wed, 06 Mar 2024 00:00:00 +0000

This blog entry will examine the Trend Micro MDR team’s investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged threat intelligence to attribute the extracted evidence to the cyberespionage threat group.

AI Auctions: Collectibles, Taylor Swift, Jordan Bots

Credit to Author: David Chow| Date: Wed, 06 Mar 2024 00:00:00 +0000

Discover the fascinating world of AI, ML, and RPA and their real-world applications including the creation of a custom RPA bot for collecting rare sports memorabilia.

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

Credit to Author: Nathaniel Morales| Date: Mon, 04 Mar 2024 00:00:00 +0000

The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact.

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

Credit to Author: Ian Kenefick| Date: Tue, 27 Feb 2024 00:00:00 +0000

This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry.

Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections

Credit to Author: Cedric Pernet| Date: Mon, 26 Feb 2024 00:00:00 +0000

During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets.
