trend micro research : articles, news, reports

Credit to Author: Magno Logan| Date: Thu, 07 Jul 2022 00:00:00 +0000

We investigate cloud-based cryptocurrency miners that leverage GitHub Actions and Azure virtual machines, including the cloud infrastructure and vulnerabilities that malicious actors exploit for easy monetary gain.

Security TrendMicro

July 6, 2022 admin

Private 5G Network Security Expectations Part 1

Credit to Author: Jun Morimoto| Date: Tue, 05 Jul 2022 00:00:00 +0000

Are “new” protocols and “private” networks sufficient for your cybersecurity requirements?

Security TrendMicro

July 6, 2022 admin

Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server

Credit to Author: Nathaniel Morales| Date: Wed, 06 Jul 2022 00:00:00 +0000

We recently found a new ransomware family, which we have dubbed as HavanaCrypt, that disguises itself as a legitimate Google Software Update application and uses a Microsoft web hosting service IP address as its command-and-control (C&C) server to circumvent detection.

Security TrendMicro

July 6, 2022 admin

Data Distribution Service: An Overview Part 1

In this three-part blog series, we’ll look into Data Distribution Service, why it is critical, and how you can mitigate risks associated with it.

Security TrendMicro

June 30, 2022 admin

Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit

Credit to Author: Kenneth Adrian Apostol| Date: Thu, 30 Jun 2022 00:00:00 +0000

We look into a recent attack orchestrated by the Black Basta ransomware ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightmare vulnerability to perform privileged file operations.

Security TrendMicro

June 28, 2022 admin

Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware

Credit to Author: Mohamed Fahmy| Date: Tue, 28 Jun 2022 00:00:00 +0000

We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being exfiltrated from the infected systems. However, we also found that some of the victims were infected with ransomware days after the data exfiltration.

Security TrendMicro

June 27, 2022 admin

Conti vs. LockBit: A Comparative Analysis of Ransomware Groups

Credit to Author: Shingo Matsugaya| Date: Mon, 27 Jun 2022 00:00:00 +0000

We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June 27, 2022.

Security TrendMicro

June 24, 2022 admin