Four Must-haves to Strengthen Your Endpoint Security

To combat complexity and achieve optimal security outcomes, there are four key factors an organization should consider when evaluating their endpoint security.

Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.

An Overview of the Different Versions of the Trigona Ransomware

The Trigona ransomware is a relatively new ransomware family that began activities around late October 2022 — although samples of it existed as early as June 2022. Since then, Trigona’s operators have remained highly active, and in fact have been continuously updating their ransomware binaries.

SeroXen Mechanisms: Exploring Distribution, Risks, and Impact

This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into highly evasive FUD batch obfuscators.

Generative AI Assistant Makes Hunting Threats Faster

Learn how analysts can search for threats with greater accuracy, speed, and effectiveness.

Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion

Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential.

SeroXen Incorporates Latest BatCloak Engine Iteration

We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s evasion capabilities and interoperability with other malware.

Your New AI Assistant: Trend Vision One™ – Companion

Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential.

Behind the Scenes: Unveiling the Hidden Workings of Earth Preta

This blog entry discusses the more technical details on the most recent tools, techniques, and procedures (TTPs) leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor.