An Overview of the New Rhysida Ransomware Targeting the Healthcare Sector
In this blog entry, we will provide details on Rhysida, including its targets and what we know about its infection chain. Read More HERE…
Trend Micro Research : Ransomware
TargetCompany Ransomware Abuses FUD Obfuscator Packers
In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems. Read More HERE…
Tailing Big Head Ransomware’s Variants, Tactics, and Impact
We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware. Read More HERE…
An Overview of the Different Versions of the Trigona Ransomware
The Trigona ransomware is a relatively new ransomware family that began activities around late October 2022 — although samples of it existed as early as June 2022. Since then, Trigona’s operators have remained highly active, and in fact have been continuously updating their ransomware binaries. Read More HERE…
MOVEit Vulnerability Breaches Targeted Fed Agencies
Jon Clay and Ed Cabrera talk about the MOVEit breaches and more in the video series #TrendTalksBizSec Read More HERE…
Insights on the MOVEit File Transfer Vulnerability
Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back. Read More HERE…
Insight on Vulnerabilities in MOVEit Transfer
Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back. Read More HERE…
Xollam, the Latest Face of TargetCompany
This blog talks about the latest TargetCompany ransomware variant, Xollam, and the new initial access technique it uses. We also investigate previous variants’ behaviors and the ransomware family’s extortion scheme. Read More HERE…
Investigating BlackSuit Ransomware’s Similarities to Royal
In this blog entry, we analyze BlackSuit ransomware and how it compares to Royal Ransomware. Read More HERE…
BlackCat Ransomware Deploys New Signed Kernel Driver
In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase. Read More HERE…