Decoding Turla: Trend Micro’s MITRE Performance

Credit to Author: Shannon Murphy| Date: Thu, 21 Sep 2023 00:00:00 +0000

This year, the MITRE Engenuity ATT&CK evaluation tested cybersecurity vendors against simulated attack scenarios mimicking the adversary group “Turla.” Learn about Trend Micro’s 100% successful protection performance.

Read more

Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign

Credit to Author: Cedric Pernet| Date: Thu, 21 Sep 2023 00:00:00 +0000

This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud.

Read more

Attacks on 5G Infrastructure From Users’ Devices

Credit to Author: Salim S.I.| Date: Wed, 20 Sep 2023 00:00:00 +0000

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks.

Read more

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

Credit to Author: Hitomi Kimura| Date: Wed, 13 Sep 2023 00:00:00 +0000

In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method.

Read more

Earth Estries Targets Government, Tech for Cyberespionage

Credit to Author: Ted Lee| Date: Wed, 30 Aug 2023 00:00:00 +0000

We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments and organizations in the technology sector.

Read more

TargetCompany Ransomware Abuses FUD Obfuscator Packers

Credit to Author: Don Ovid Ladores| Date: Mon, 07 Aug 2023 00:00:00 +0000

In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems.

Read more

Platform Approach to Cybersecurity: The New Paradigm

Credit to Author: Jon Clay| Date: Thu, 13 Jul 2023 00:00:00 +0000

Embracing platform approach as the path to enhanced security and resilience

Read more