Earth Preta Spear-Phishing Governments Worldwide

We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that began in March. We also show the infection routines of the malware families they use to infect multiple sectors worldwide: TONEINS, TONESHELL, and PUBLOAD. Read More HERE…

Read more

Hack the Real Box: APT41’s New Subgroup Earth Longzhi

We looked into the campaigns deployed by a new subgroup of advanced persistent threat (APT) group APT41, Earth Longzhi. This entry breaks down the technical details of the campaigns in full as presented at HITCON PEACE 2022 in August. Read More HERE…

Read more

Tracking Earth Aughisky’s Malware and Changes

For over 10 years, security researchers have been observing and keeping tabs of APT group Earth Aughisky’s malware families and the connections, including previously documented malware that have yet to be attributed. Read More HERE…

Read more

Water Labbu Abuses Malicious DApps to Steal Cryptocurrency

The parasitic Water Labbu capitalizes on the social engineering schemes of other scammers, injecting malicious JavaScript code into their malicious decentralized application websites to steal cryptocurrency. Read More HERE…

Read more

How Malicious Actors Abuse Native Linux Tools in Attacks

Through our honeypots and telemetry, we were able to observe instances in which malicious actors abused native Linux tools to launch attacks on Linux environments. In this blog entry, we discuss how these utilities were used and provide recommendations on how to minimize their impact. Read More HERE…

Read more

Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users

We found APT group Iron Tiger’s malware compromising chat application Mimi’s servers in a supply chain attack. Read More HERE…

Read more

Better Together: AWS and Trend Micro

This post relays the latest threat detection tool innovation of AWS – Amazon GuardDuty Malware Protection. This tool works closely with Trend Micro cloud solutions, providing another valuable layer of defense in our fight against a shared adversary. Read More HERE…

Read more