This Week in Security News – January 7, 2022
This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones. Read More HERE…
Trend Micro Research : Ransomware
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign. Read More HERE…
This Week in Security News – December 17, 2021
This week, read on Purple Fox’s infection chain observed by Trend Micro’s Managed XDR. Also, learn about the Log4j vulnerability that has the potential to cause ‘incalculable’ damage. Read More HERE…
Volatile and Adaptable: Tracking the Movements of Modern Ransomware
Trend Micro’s tracking of modern ransomware, as well as of older families, shows which attacks are gaining momentum and which families are particularly dangerous for enterprises and private users. Read More HERE…
This Week in Security News – December 10, 2021
This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure. Read More HERE…
New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes
We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these samples is that the files are code-signed. They also terminate various processes which are related to database and backup management. Read More HERE…
This Week in Security News – December 3, 2021
This week, learn about how Squirrelwaffle utilized ProxyLogon and ProxyShell to hack email chains. Also, read on a recent data breach of the Los Angeles Planned Parenthood Network. Read More HERE…
BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors
We observed BazarLoader adding two new arrival mechanisms to their current roster of malware delivery techniques. Read More HERE…
Global Operations Lead to Arrests of Alleged Members of GandCrab/REvil and Cl0p Cartels
A total of 13 suspects believed to be members of two prolific cybercrime rings were arrested as a global coalition across five continents involving law enforcement and private partners, including Trend Micro, sought to crack down on big ransomware operators. Read More HERE…
QAKBOT Loader Returns With New Techniques and Tools
QAKBOT operators resumed email spam operations towards the end of September after an almost three-month hiatus. QAKBOT detection has become a precursor to many critical and widespread ransomware attacks. Our report shares some insight into the new techniques and tools this threat is using. Read More HERE…