Deepfakes and AI-Driven Disinformation Threaten Polls

Credit to Author: Jon Clay| Date: Thu, 02 May 2024 00:00:00 +0000

Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year

Read more

How Red Team Exercises Increases Your Cyber Health

Credit to Author: Johnny Krogsboll| Date: Thu, 11 Apr 2024 00:00:00 +0000

Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively.

Read more

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

Credit to Author: Feike Hacquebord| Date: Wed, 31 Jan 2024 00:00:00 +0000

Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted.

Read more

Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing

Credit to Author: Hitomi Kimura| Date: Wed, 22 Nov 2023 00:00:00 +0000

The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.

Read more

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting

Credit to Author: Buddy Tancio| Date: Thu, 09 Nov 2023 00:00:00 +0000

We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.

Read more

APT34 Deploys Phishing Attack With New Malware

Credit to Author: Mohamed Fahmy| Date: Fri, 29 Sep 2023 00:00:00 +0000

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.

Read more

Analyzing a Facebook Profile Stealer Written in Node.js

Credit to Author: Jaromir Horejsi| Date: Tue, 05 Sep 2023 00:00:00 +0000

We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication.

Read more

Revisiting 16shop Phishing Kit, Trend-Interpol Partnership

Credit to Author: Paul Pajares| Date: Fri, 01 Sep 2023 00:00:00 +0000

In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign.

Read more