Oil and Gas Cybersecurity: Threats Part 2
In part two of our oil and gas series, we look at more threats that can expose the industry to cyberattacks. Read More HERE…
Trend Micro Research : Malware
Oil and Gas Cybersecurity: Industry Overview Part 1
With geopolitical tensions running high, oil and gas companies may be more susceptible to cyberattacks. Read More HERE…
Examining New DawDropper Banking Dropper and DaaS on the Dark Web
In this blog post, we discuss the technical details of a new banking dropper that we have dubbed DawDropper, give a brief history of banking trojans released in early 2022 that use malicious droppers, and elaborate on cybercriminal activities related to DaaS in the deep web. Read More HERE…
Better Together: AWS and Trend Micro
This post relays the latest threat detection tool innovation of AWS – Amazon GuardDuty Malware Protection. This tool works closely with Trend Micro cloud solutions, providing another valuable layer of defense in our fight against a shared adversary. Read More HERE…
Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography
In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware distribution and cryptojacking. Read More HERE…
Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography Sr. Security Researcher Threat Researcher
In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware distribution and cryptojacking. Read More HERE…
Conti vs. LockBit: A Comparative Analysis of Ransomware Groups
We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June 27, 2022. Read More HERE…
Websites Hosting Fake Cracks Spread Updated CopperStealer Malware
We found updated samples of the CopperStealer malware infecting systems via websites hosting fake software. Read More HERE…
Patch Your WSO2: CVE-2022-29464 Exploited to Install Linux-Compatible Cobalt Strike Beacons, Other Malware
Users of WSO2 products are advised to update their respective products and platforms or to apply the temporary mitigation steps immediately. Read More HERE…
Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys
We recently observed a number of apps on Google Play designed to perform malicious activities such as stealing user credentials and other sensitive user information, including private keys. Read More HERE…