Trend Micro Research : Articles, News, Reports
Attack on Security Titans: Earth Longzhi Returns With New Tricks
After months of dormancy, Earth Longzhi, a subgroup of advanced persistent threat (APT) group APT41, has reemerged using new techniques in its infection routine. This blog entry forewarns readers of Earth Longzhi’s resilience as a noteworthy threat. Read More HERE…
Rapture, a Ransomware Family With Similarities to Paradise
In March and April 2023, we observed a type of ransomware targeting its victims via a minimalistic approach with tools that leave only a minimal footprint behind. Our findings revealed many of the preparations made by the perpetrators and how quickly they managed to carry out the ransomware attack. Read More HERE…
Update Now: PaperCut Vulnerability CVE-2023-27350 Under Active Exploitation
Two vulnerabilities in PaperCut have been found, and one of them is being actively exploited in the wild. This blog entry provides a summary of the vulnerabilities, and includes security guidance for IT and SOC professionals. Read More HERE…
Attackers Use Containers for Profit via TrafficStealer
We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads. Read More HERE…
ViperSoftX Updates Encryption, Steals Data
We observed cryptocurrency and information stealer ViperSoftX evading initial loader detection and making its lure more believable by making the initial package loader via cracks, keygens, activators, and packers non-malicious. We also noted more sophisticated encryption and basic anti-analysis techniques, such as byte remapping and web browser communication blocking. Read More HERE…
Trend Achieves AWS Level 1 MSSP Competency Status
Trend offers 24×7 fully managed security services uniquely designed in collaboration with AWS security experts to protect, monitor, and respond to security events of AWS environments. Read More HERE…
An Analysis of the BabLock (aka Rorschach) Ransomware
This blog post analyzes a stealthy and expeditious ransomware called BabLock (aka Rorschach), which shares many characteristics with LockBit. Read More HERE…
Unpacking the Structure of Modern Cybercrime Organizations
We examine three differently sized criminal groups to know how they compare to similarly sized legitimate businesses in terms of how they are organized. We also discuss how threat researchers can use their knowledge of the size and structure of a target criminal organization to aid their investigation. Read More HERE…