Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign. Read More HERE…
Trend Micro Research : Endpoints
This Week in Security News – December 17, 2021
This week, read on Purple Fox’s infection chain observed by Trend Micro’s Managed XDR. Also, learn about the Log4j vulnerability that has the potential to cause ‘incalculable’ damage. Read More HERE…
Volatile and Adaptable: Tracking the Movements of Modern Ransomware
Trend Micro’s tracking of modern ransomware, as well as of older families, shows which attacks are gaining momentum and which families are particularly dangerous for enterprises and private users. Read More HERE…
Collecting In the Dark: Tropic Trooper Targets Transportation and Government
Our long-term monitoring of the cyberespionage group Earth Centaur (aka Tropic Trooper) shows that the threat actors are equipped with new tools and techniques. The group seems to be targeting transportation companies and government agencies related to transportation. Read More HERE…
A Look Into Purple Fox’s Server Infrastructure
By examining Purple Fox’s routines and activities, both with our initial research and the subject matter we cover in this blog post, we hope to help incident responders, security operation centers (SOCs), and security researchers find and weed out Purple Fox infections in their network. Read More HERE…
Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify
We looked into exploitation attempts we observed in the wild and the abuse of legitimate platforms Netlify and GitHub as repositories for malware. Read More HERE…
BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors
We observed BazarLoader adding two new arrival mechanisms to their current roster of malware delivery techniques. Read More HERE…
QAKBOT Loader Returns With New Techniques and Tools
QAKBOT operators resumed email spam operations towards the end of September after an almost three-month hiatus. QAKBOT detection has become a precursor to many critical and widespread ransomware attacks. Our report shares some insight into the new techniques and tools this threat is using. Read More HERE…
This Week in Security News – November 12, 2021
This week, learn about the prolific cybermercenaries, Void Balaur, and their recent attacks. Also, read on the 80-country agreement to mobilize safeguards against cyberattacks. Read More HERE…
This Week in Security News – November 5th, 2021
This week, learn about what the future of cybercrime could potentially look like by the start of the next decade, according to Trend Micro’s Project 2030. Also, read on how a hacker stole $784k in crypto through SIM swaps. Read More HERE…