Attack Surface Management 2022 Midyear Review Part 1
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. Read More HERE…
Trend Micro Research : Articles, News, Reports
TeamTNT Returns – or Does It?
Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines employed by cybercriminal group TeamTNT, which was said to have quit in November 2021. Our investigation shows that another threat actor group, WatchDog, might be mimicking TeamTNT’s arsenal. Read More HERE…
Oil and Gas Cybersecurity: Trends & Response to Survey
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations. Read More HERE…
Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware. Read More HERE…
How Water Labbu Exploits Electron-Based Applications
In the second part of our Water Labbu blog series, we explore how the threat actor exploits Electron-based applications using Cobalt Strike to deploy backdoors. Read More HERE…
Tracking Earth Aughisky’s Malware and Changes
For over 10 years, security researchers have been observing and keeping tabs of APT group Earth Aughisky’s malware families and the connections, including previously documented malware that have yet to be attributed. Read More HERE…
Water Labbu Abuses Malicious DApps to Steal Cryptocurrency
The parasitic Water Labbu capitalizes on the social engineering schemes of other scammers, injecting malicious JavaScript code into their malicious decentralized application websites to steal cryptocurrency. Read More HERE…
Stronger Cloud Security in Azure Function Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Function. Read More HERE…
Stronger Cloud Security in Azure Functions Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Functions. Read More HERE…
How Underground Groups Use Stolen Identities and Deepfakes
The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email compromise (BEC) and identity verification bypassing to new levels. Read More HERE…