Mekotio Banking Trojan Threatens Financial Systems in Latin America
We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we’ll provide an overview of the trojan and what it does. Read More HERE…
AI coding companions are keeping pace with the high-speed evolution of generative AI overall, continually refining and augmenting their capabilities to make software development faster and easier than ever before. This blog looks at how the landscape is changing and key features of market-leading solutions from companies like AWS, GitHub, and Tabnine. Read More HERE…
We recently discovered a new threat actor group that we dubbed Void Arachne. This group targets Chinese-speaking users with malicious Windows Installer (MSI) files in a recent campaign. These MSI files contain legitimate software installer files for AI software and other popular software but are bundled with malicious Winos payloads. Read More HERE…
This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime. Read More HERE…
You may have EDR, but did you know you can add threat detection and response to improve a SecOps team’s efficiency and outcomes? Read More HERE…
Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against. Read More HERE…
Learn how far cybersecurity has come from scattered resources to consolidation the future. Read More HERE…
Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively. Read More HERE…
This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we’ve discovered and dubbed UNAPIMON. Read More HERE…