Making the digital world safer, one Tesla at a time
Contestants gather at Pwn2Own Vancouver to showcase their skills and uncover vulnerabilities Read More HERE…
Trend Micro Research : Articles, News, Reports
Earth Preta’s Cyberespionage Campaign Hits Over 200
We present a case study of the cyberespionage efforts by Earth Preta. This study on an active campaign delves into the structure, goals, and requirements of the organizations involved, and provides an opportunity to conduct wider intelligence analysis and insights in the development of effective countermeasures. Read More HERE…
Pack it Secretly: Earth Preta’s Updated Stealthy Strategies
After months of investigation, we found that several undisclosed malware and interesting tools used for exfiltration purposes were being used by Earth Preta. We also observed that the threat actors were actively changing their tools, tactics, and procedures (TTPs) to bypass security solutions. In this blog entry, we will introduce and analyze the other tools and malware used by the threat actor. Read More HERE…
Patch CVE-2023-23397 Immediately: What You Need To Know and Do
We break down the basic information of CVE-2023-23397, the zero-day, zero-touch vulnerability that was rated 9.8 on the Common Vulnerability Scoring System (CVSS) scale. Read More HERE…
S4x23 Review Part 3: Healthcare Cybersecurity Sessions
This article focuses on the healthcare sector. Over the past two years, the healthcare sector has been in a constant state of emergency due to the COVID-19 pandemic, and as widely reported in the media, it has also been threatened by cyberattacks such as ransomware. Read More HERE…
S4x23 Review Part 2: Evolving Energy Cybersecurity
In this second report on S4x23 held last February, this article introduces the discussion on cyber security in the energy industry, which was one of the topics that attracted attention. Read More HERE…
Emotet Returns, Now Adopts Binary Padding for Evasion
Following a three-month hiatus, Emotet spam activities resumed in March 2023, when a botnet known as Epoch 4 began delivering malicious documents embedded in Zip files that were attached to the emails. Read More HERE…
Examining Ransomware Payments From a Data-Science Lens
In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups’ ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.” Read More HERE…
Expanding Attack Blueprints: 2022 Annual Cybersecurity Report
In this blog entry, we shine a spotlight on some of the most critical cybersecurity concerns of 2022, which we discuss in full in our annual cybersecurity report, “Rethinking Tactics: 2022 Annual Security Report.” Read More HERE…
S4x23 Review Part 1: What’s New in OT Security
This blog introduces discussions from S4x23, the ICS security conference in Miami over several posts. The first installment will cover two topics from the academic interviews. Read More HERE…