Trend Micro Research : Research Archives - ThreatsHub Cybersecurity News

Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma

July 19, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research

Trend Micro threat hunters discovered that the Play ransomware group has been deploying a new Linux variant that targets ESXi environments. Read our blog entry to know more. Read More HERE…

TrendMicro

The Potential Impact of the OpenSSH Vulnerabilities CVE-2024–6387 and CVE-2024-6409

July 17, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Research

We check the OpenSSH vulnerabilities CVE-2024–6387 and CVE-2024-6409, examining their potential real-world impact and the possibility of exploitation for CVE-2024–6387 in x64 systems. Read More HERE…

TrendMicro

Turning Jenkins Into a Cryptomining Machine From an Attacker’s Perspective

July 5, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Research

In this blog entry, we will discuss how the Jenkins Script Console can be weaponized by attackers for cryptomining activity if not configured properly. Read More HERE…

TrendMicro

Mekotio Banking Trojan Threatens Financial Systems in Latin America

July 4, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Research

We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we’ll provide an overview of the trojan and what it does. Read More HERE…

TrendMicro

Examining Water Sigbin’s Infection Routine Leading to an XMRig Cryptominer

June 28, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Research

We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner. Read More HERE…

TrendMicro

ICO Scams Leverage 2024 Olympics to Lure Victims, Use AI for Fake Sites

June 27, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Artificial Intelligence (AI), Trend Micro Research : Cyber Crime, Trend Micro Research : Research

In this blog we uncover threat actors using the 2024 Olympics to lure victims into investing in an initial coin offering (ICO). Similar schemes have been found to use AI-generated images for their fake ICO websites. Read More HERE…

TrendMicro

Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework

June 19, 2024 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Research

We recently discovered a new threat actor group that we dubbed Void Arachne. This group targets Chinese-speaking users with malicious Windows Installer (MSI) files in a recent campaign. These MSI files contain legitimate software installer files for AI software and other popular software but are bundled with malicious Winos payloads. Read More HERE…

TrendMicro

Noodle RAT: Reviewing the New Backdoor Used by Chinese-Speaking Groups

June 11, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Research

This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime. Read More HERE…

TrendMicro

Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups

June 11, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Research

This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime. Read More HERE…

TrendMicro

Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers

June 6, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Malware, Trend Micro Research : Research

We analyze a cryptojacking attack campaign exploiting exposed Docker remote API servers to deploy cryptocurrency miners, using Docker images from the open-source Commando project. Read More HERE…

← Previous