Trend Micro Research : Research Archives - Page 2 of 29

Unveiling Earth Kapre aka RedCurl’s Cyberespionage Tactics With Trend Micro MDR, Threat Intelligence

This blog entry will examine Trend Micro MDR team’s investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged threat intelligence to attribute the extracted evidence to the cyberespionage threat group. Read More HERE…

TrendMicro

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

March 4, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research

The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact. Read More HERE…

TrendMicro

Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections

February 26, 2024 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Research

During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets. Read More HERE…

TrendMicro

LockBit Attempts to Stay Afloat With a New Version

February 22, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Ransomware, Trend Micro Research : Research

This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulting in the undermining of its operations. Read More HERE…

TrendMicro

Earth Preta Campaign Uses DOPLUGS to Target Asia

February 20, 2024 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Research

In this blog entry, we focus on Earth Preta’s campaign that employed a variant of the DOPLUGS malware to target Asian countries. Read More HERE…

TrendMicro

SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes

February 13, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Expert Perspective, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Research

This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability. Read More HERE…

TrendMicro

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

February 13, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Research

The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative. Read More HERE…

TrendMicro

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

February 7, 2024 TH Author Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Research

In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution. Read More HERE…

TrendMicro

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

January 31, 2024 TH Author Trend Micro Research : APT&Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Phishing, Trend Micro Research : Research

Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted. Read More HERE…

TrendMicro

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver 

January 23, 2024 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Ransomware, Trend Micro Research : Research

In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware.   Read More HERE…