Trend Vision One™ Email Security Raises the Standard
Learn all the new aspects of Trend Vision One™ Email Security and how it’s raising the standard of effectiveness for the industry. Read More HERE…
Security is a central challenge in modern application development and maintenance, requiring not just traditional practices but also a deep understanding of application architecture and data flow. While organizations now have access to rich data like logs and telemetry, the real challenge lies in translating this information into actionable insights. This article explores how leveraging those insights can help detect genuine security incidents and prevent their recurrence. Read More HERE…
This report explores the Kopeechka service and gives a detailed technical analysis of the service’s features and capabilities and how it can help cybercriminals to achieve their goals. Read More HERE…
We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s evasion capabilities and interoperability with other malware. Read More HERE…
We analyze an infection campaign targeting organizations in the Middle East for cyberespionage in December 2022 using a new backdoor malware. The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers. Read More HERE…
During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed both old and new techniques to trick their intended victims into accessing malicious links and enabling macro content. Read More HERE…
We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection. Read More HERE…
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign. Read More HERE…
We observed BazarLoader adding two new arrival mechanisms to its current roster of malware delivery techniques. Read More HERE…
Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how it does this by investigating its exploitation of the Microsoft Exchange Server vulnerabilities ProxyLogon and ProxyShell. Read More HERE…