Credit to Author: Johnny Krogsboll| Date: Thu, 11 Apr 2024 00:00:00 +0000
Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively.
Read moreCredit to Author: Feike Hacquebord| Date: Wed, 31 Jan 2024 00:00:00 +0000
Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted.
Read moreCredit to Author: Hitomi Kimura| Date: Wed, 22 Nov 2023 00:00:00 +0000
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
Read moreCredit to Author: Buddy Tancio| Date: Thu, 09 Nov 2023 00:00:00 +0000
We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.
Read moreCredit to Author: Mohamed Fahmy| Date: Fri, 29 Sep 2023 00:00:00 +0000
We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.
Read moreCredit to Author: Jaromir Horejsi| Date: Tue, 05 Sep 2023 00:00:00 +0000
We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication.
Read moreCredit to Author: Paul Pajares| Date: Fri, 01 Sep 2023 00:00:00 +0000
In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign.
Read moreCredit to Author: Peter Girnus| Date: Tue, 20 Jun 2023 00:00:00 +0000
This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into highly evasive FUD batch obfuscators.
Read more