Trend Micro Research : APT&Targeted Attacks Archives - Page 2 of 7

DarkGate Opens Organizations for Attack via Skype, Teams

We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment. Read More HERE…

TrendMicro

APT34 Deploys Phishing Attack With New Malware

September 29, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Network, Trend Micro Research : Phishing

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia. Read More HERE…

TrendMicro

Examining the Activities of the Turla APT Group

September 22, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Network

We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group. Read More HERE…

TrendMicro

Attacks on 5G Infrastructure From Users’ Devices

September 20, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : ICS OT, Trend Micro Research : IoT, Trend Micro Research : Malware, Trend Micro Research : Mobile, Trend Micro Research : Network, Trend Micro Research : Privacy&Risks

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks. Read More HERE…

TrendMicro

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement

September 18, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Malware, Trend Micro Research : Research

While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor’s server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we’ve dubbed SprySOCKS due to its swift behavior and SOCKS implementation. Read More HERE…

TrendMicro

Earth Estries Targets Government, Tech for Cyberespionage

August 30, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Network

We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments and organizations in the technology sector. Read More HERE…

TrendMicro

Cybersecurity Threat 1H 2023 Brief with Generative AI

August 8, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Report, Trend Micro Research : Research

How generative AI influenced threat trends in 1H 2023 Read More HERE…

TrendMicro

Detecting BPFDoor Backdoor Variants Abusing BPF Filters

July 13, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : IoT, Trend Micro Research : Malware, Trend Micro Research : Network

An analysis of advanced persistent threat (APT) group Red Menshen’s different variants of backdoor BPFDoor as it evolves since it was first documented in 2021. Read More HERE…

TrendMicro

MOVEit Vulnerability Breaches Targeted Fed Agencies

June 21, 2023 TH Author Trend Micro Research : #LetsTalk Series, Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Cyber Threats, Trend Micro Research : Data center, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Ransomware, Trend Micro Research : Video

Jon Clay and Ed Cabrera talk about the MOVEit breaches and more in the video series #TrendTalksBizSec Read More HERE…

TrendMicro

SeroXen Mechanisms: Exploring Distribution, Risks, and Impact

June 20, 2023 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Network, Trend Micro Research : Phishing, Trend Micro Research : Privacy&Risks

This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into highly evasive FUD batch obfuscators. Read More HERE…