Developing Story: Information on Attacks Involving 3CX Desktop App
In late March 2023, security researchers revealed that threat actors were actively abusing a popular business communication software from 3CX. Read More HERE…
Read more
Trend Micro Research : Research
Preventing and Detecting Attacks Involving 3CX Desktop App
In late March 2023, security researchers revealed that threat actors were actively abusing a popular business communication software from 3CX. Read More HERE…
Read more
New OpcJacker Malware Distributed via Fake VPN Malvertising
We discovered a new malware, which we named “OpcJacker” (due to its opcode configuration design and its cryptocurrency hijacking ability), that has been distributed in the wild since the second half of 2022. Read More HERE…
Read more
Pack it Secretly: Earth Preta’s Updated Stealthy Strategies
After months of investigation, we found that several undisclosed malware and interesting tools used for exfiltration purposes were being used by Earth Preta. We also observed that the threat actors were actively changing their tools, tactics, and procedures (TTPs) to bypass security solutions. In this blog entry, we will introduce and analyze the other tools and malware used by the threat actor. Read More HERE…
Read more
Emotet Returns, Now Adopts Binary Padding for Evasion
Following a three-month hiatus, Emotet spam activities resumed in March 2023, when a botnet known as Epoch 4 began delivering malicious documents embedded in Zip files that were attached to the emails. Read More HERE…
Read more
Examining Ransomware Payments From a Data-Science Lens
In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups’ ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.” Read More HERE…
Read more
Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer
Find out how the Managed XDR team uncovered RedLine Stealer’s evasive spear-phishing campaign that targets the hospitality industry. Read More HERE…
Read more
Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks
In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups’ targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.” Read More HERE…
Read more
A Deep Dive into the Evolution of Ransomware Part 3
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends. Read More HERE…
Read more