Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections

Credit to Author: Cedric Pernet | Date: Mon, 26 Feb 2024 00:00:00 +0000

During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets.

LockBit Attempts to Stay Afloat With a New Version

Credit to Author: Trend Micro Research | Date: Thu, 22 Feb 2024 00:00:00 +0000

This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulting in the undermining of its operations.

Earth Preta Campaign Uses DOPLUGS to Target Asia

Credit to Author: Sunny Lu | Date: Tue, 20 Feb 2024 00:00:00 +0000

In this blog entry, we focus on Earth Preta’s campaign that employed a variant of the DOPLUGS malware to target Asian countries.

Global Cybersecurity Trends: AI, Geopolitical Risks, and Zero Trust

Credit to Author: David Chow | Date: Tue, 13 Feb 2024 00:00:00 +0000

Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024.

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

Credit to Author: Peter Girnus | Date: Tue, 13 Feb 2024 00:00:00 +0000

The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.

What Generative AI Means for Cybersecurity in 2024

Credit to Author: Shannon Murphy | Date: Thu, 08 Feb 2024 00:00:00 +0000

After a full year of life with ChatGPT, cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks – learn what generative AI means for cybersecurity in 2024.

Unifying Cloud Security Beyond Siloes

Credit to Author: Alifiya Sadikali | Date: Tue, 06 Feb 2024 00:00:00 +0000

Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the cloud—for more proactive risk management.

Analyzing AsyncRAT’s Code Injection into aspnet_compiler.exe Across Multiple Incident Response Cases

Credit to Author: Buddy Tancio | Date: Mon, 11 Dec 2023 00:00:00 +0000

This blog entry delves into MxDR’s unraveling of the AsyncRAT infection chain across multiple cases, shedding light on the misuse of aspnet_compiler.exe, a legitimate Microsoft process originally designed for precompiling ASP.NET web applications.
