We detail the intrusion set Earth Yako, attributed to the campaign Operation RestyLink or EneLink. This analysis was presented in full at JSAC 2023 in January 2023.
In this investigation, we analyzed several prominent “passive income” applications and found that participating in these programs may carry security risks.
This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its encryption extension.
This report provides defenders and security operations center teams with the technical details they need to know should they encounter the DeimosC2 C&C framework.
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware.
For over 10 years, security researchers have been observing and keeping tabs on APT group Earth Aughisky’s malware families and their connections, including previously documented malware that has yet to be attributed.
A new open source initiative helps organizations detect and respond to cyber-attacks faster and more easily.
We discovered the use of two Python penetration-testing tools, Impacket and Responder, that malicious actors used to compromise systems and exfiltrate data. We share our key findings in this report.