QR Codes: Convenience or Cyberthreat?
Security awareness and measures to detect and prevent sophisticated risks associated with QR code-based phishing attacks (quishing) Read More HERE…
Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year Read More HERE…
Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively. Read More HERE…
Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted. Read More HERE…
Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments. Read More HERE…
Here’s the latest Trend Vision One™ platform integration addressing the growing need for collaboration in the business email security space. Read More HERE…
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023. Read More HERE…
We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies. Read More HERE…
We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia. Read More HERE…
We analyze an information stealer written in Node.js and packaged into an executable, which exfiltrated stolen data via both the Telegram bot API and a C&C server and employed GraphQL as a channel for C&C communication. Read More HERE…