WannaRen Returns as Life Ransomware, Targets India
This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its encryption extension. Read More HERE…
Trend Micro Research : Research
Earth Preta Spear-Phishing Governments Worldwide
We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that began in March. We also show the infection routines of the malware families they use to infect multiple sectors worldwide: TONEINS, TONESHELL, and PUBLOAD. Read More HERE…
Electricity/Energy Cybersecurity: Trends & Survey Response
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations. Read More HERE…
CVE-2019-8561: A Hard-to-Banish PackageKit Framework Vulnerability in macOS
This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used to install software installer packages (PKG files). Read More HERE…
DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework
This report provides defenders and security operations center teams with the technical details they need to know should they encounter the DeimosC2 C&C framework. Read More HERE…
Attack Surface Management 2022 Midyear Review Part 3
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. Read More HERE…
Manufacturing Cybersecurity: Trends & Survey Response
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations. Read More HERE…
Comprehensive Traceability for Android Supply-Chain Security
We discuss the importance of traceability in the world of mobile operating systems. Read More HERE…
Where is the Origin?: QAKBOT Uses Valid Code Signing
Code signing certificates help us assure the file’s validity and legitimacy. However, threat actors can use that against us. In this blog, discover how QAKBOT use such tactic and learn ways how to prevent it. Read More HERE…
From Bounty to Exploit: Observations About Cybercriminal Contests
From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog, we discuss our takeaways and summarize the results of these contests. Read More HERE…