Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures

Credit to Author: Peter Girnus| Date: Tue, 17 Jan 2023 00:00:00 +0000

We discovered an active campaign, ongoing since at least mid-2022, that uses Middle Eastern geopolitical-themed lures to distribute NjRAT (also known as Bladabindi) and infect victims across the Middle East and North Africa.

Electricity/Energy Cybersecurity: Trends & Survey Response

Credit to Author: Mayumi Nishimura| Date: Wed, 16 Nov 2022 00:00:00 +0000

Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations.

Hack the Real Box: APT41’s New Subgroup Earth Longzhi

Credit to Author: Hara Hiroaki| Date: Wed, 09 Nov 2022 00:00:00 +0000

We looked into the campaigns deployed by a new subgroup of advanced persistent threat (APT) group APT41, Earth Longzhi. This entry breaks down the technical details of the campaigns in full as presented at HITCON PEACE 2022 in August.

Manufacturing Cybersecurity: Trends & Survey Response

Credit to Author: Mayumi Nishimura| Date: Fri, 28 Oct 2022 00:00:00 +0000

Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations.

Oil and Gas Cybersecurity: Trends & Response to Survey

Credit to Author: Mayumi Nishimura| Date: Thu, 13 Oct 2022 00:00:00 +0000

Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations.

Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit

Credit to Author: Kenneth Adrian Apostol| Date: Thu, 30 Jun 2022 00:00:00 +0000

We look into a recent attack orchestrated by the Black Basta ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightmare vulnerability to perform privileged file operations.

Cyberattacks are Prominent in the Russia-Ukraine Conflict

Credit to Author: Trend Micro Research| Date: Thu, 03 Mar 2022 00:00:00 +0000

Alongside the physical conflict happening between Russia and Ukraine, there has also been an increasing number of alleged cyberattacks perpetrated by different groups. Our research teams have verified and validated internal data and external reports to provide accurate information that can be used to strengthen defenses against these attacks. We will continuously update this blog with validated threats as more events unfold.
