Conti vs. LockBit: A Comparative Analysis of Ransomware Groups

We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June 27, 2022. Read More HERE…

Read more

Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques

Trend Micro Research observed the resurgence of the Cuba ransomware group that launched a new malware variant using different infection techniques compared to past iterations. We discuss our initial findings in this report. Read More HERE…

Read more

Trend Micro Partners With Interpol and Nigeria’s EFCC for Operation Killer Bee, Takes Down Nigerian BEC Actors

Nigeria’s Economic and Financial Crimes Commission (EFCC) arrested three suspected scammers from Nigeria who were involved in global scamming campaigns via a sting operation that is part of Operation Killer Bee. Trend Micro provided information on the group and their modus operandi. Read More HERE…

Read more

Patch Your WSO2: CVE-2022-29464 Exploited to Install Linux-Compatible Cobalt Strike Beacons, Other Malware

Users of WSO2 products are advised to update their respective products and platforms or to apply the temporary mitigation steps immediately. Read More HERE…

Read more

Celebrating 15 Years of Pwn2Own

Join Erin Sindelar, Mike Gibson, Brian Gorenc, and Dustin Childs as they discuss Pwn2Own’s 15th anniversary, what we’ve learned, and how the program will continue to serve the cybersecurity community in the future. Read More HERE…

Read more

New Linux-Based Ransomware Cheerscrypt Targeting ESXi Devices Linked to Leaked Babuk Source Code

New findings showed that Cheerscrypt, a new Linux-based ransomware variant that compromises ESXi servers, was derived from the leaked Babuk source code. We discuss our analysis in this report. Read More HERE…

Read more

The Fault in Our kubelets: Analyzing the Security of Publicly Exposed Kubernetes Clusters

While researching cloud-native tools, our Shodan scan revealed over 200,000 publicly exposed Kubernetes clusters and kubelet ports that can be abused by criminals. Read More HERE…

Read more