ThreatsHub.org
In this proof of concept, we look into one of several attack vectors that can be abused to attack the supply chain: targeting the developer. With a focus on the local integrated developer environment (IDE), this proof considers the execution of malicious build scripts via injecting commands when the project or build is incorrectly “trusted”. Read More HERE…
Read more
We discovered an active campaign ongoing since at least mid-2022 which uses Middle Eastern geopolitical-themed lures to distribute NjRAT (also known as Bladabindi) to infect victims across the Middle East and North Africa. Read More HERE…
Read more
Proof of Concept (POC): We investigate one of the GitHub Codespaces’ real-time code development and collaboration features that attackers can abuse for cloud-based trusted malware delivery. Once exploited, malicious actors can abuse legitimate GitHub accounts to create a malware file server. Read More HERE…
Read more
Running real-world attack simulations can help improve organizations’ cybersecurity resilience Read More HERE…
Read more
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks. Read More HERE…
Read more
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks. Read More HERE…
Read more
Ransomware groups and their business models are expected to change from what and how we know it to date. In this blog entry, we summarize from some of our insights the triggers that spark the small changes in the short term (“evolutions”) and the bigger deviations (“revolutions”) they can redirect their criminal enterprises to in the long run. Read More HERE…
Read more
We intercepted a cryptocurrency mining attack that incorporated an advanced remote access trojan (RAT) named the CHAOS Remote Administrative Tool. Read More HERE…
Read more
Trend Micro is one of the few cybersecurity vendors today that can protect your entire world, whether it is your home office and family, your drive to work, or your work environment. Read More HERE…
Read more