Unsung Hero in Cyber Risk Management
Behind the scenes of the world of vulnerability intelligence and threat hunting Read More HERE…
TrendMicro
Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor’s server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we’ve dubbed SprySOCKS due to its swift behavior and SOCKS implementation. Read More HERE…
Biden National Cybersecurity Strategy Key Takeaways
Major changes are underway, with new rules for federal agencies and updated requirements for public-private partnerships. We discuss the implementation plans for the strategy’s first two pillars: defend critical infrastructure and disrupt and dismantle threat actors. Read More HERE…
3 Strategic Insights from Cybersecurity Leader Study
Explore the results of a Sapio Research survey commissioned by Trend Micro about how CISOs and other technology leaders are overcoming today’s biggest challenges. Read More HERE…
RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware
In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method. Read More HERE…
Managing Cyber Risk for CISOs Under Pressure
Overworked CISOs are struggling to deliver the cybersecurity results their organizations expect. Fortunately, there are concrete and practical ways they can make their lives easier—while managing cyber risk effectively. Read More HERE…
TrickBot & Conti Sanctions: Implications for CISOs & Boardrooms
Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals mean for CISOs and board members. Read More HERE…
Analyzing a Facebook Profile Stealer Written in Node.js
We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication. Read More HERE…
Revisiting 16shop Phishing Kit, Trend-Interpol Partnership
In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign. Read More HERE…
