Trend Micro Research : Network
Detecting BPFDoor Backdoor Variants Abusing BPF Filters
An analysis of the different variants of the BPFDoor backdoor used by advanced persistent threat (APT) group Red Menshen, and of how the backdoor has evolved since it was first documented in 2021. Read More HERE…
Tailing Big Head Ransomware’s Variants, Tactics, and Impact
We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware. Read More HERE…
MOVEit Vulnerability Breaches Targeted Fed Agencies
Jon Clay and Ed Cabrera talk about the MOVEit breaches and more in the video series #TrendTalksBizSec. Read More HERE…
SeroXen Mechanisms: Exploring Distribution, Risks, and Impact
This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and the SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, the security risks, impact, and implications of highly evasive FUD batch obfuscators, and our insights into them. Read More HERE…
Generative AI Assistant Makes Hunting Threats Faster
Learn how analysts can search for threats with greater accuracy, speed, and effectiveness. Read More HERE…
Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential. Read More HERE…
8220 Gang Evolves With New Strategies
We observed the threat actor group known as “8220 Gang” employing new strategies in their campaigns, including abuse of the Linux utility “lwp-download” and exploitation of CVE-2017-3506, an Oracle WebLogic vulnerability. Read More HERE…
Attackers Use Containers for Profit via TrafficStealer
We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads. Read More HERE…