Vulnerability Reward Program: 2022 Year in Review
Posted by Sarah Jacobus, Vulnerability Rewards Team
It has been another incredible year for the Vulnerability Reward Programs (VRPs) at...
Day: February 23, 2023
What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits
We analyze a BEC campaign targeting large companies around the world that was...
Monthly Threat Webinar Series in 2023: What to Expect
Stay informed and stay ahead. Trend Micro Research, News, Perspectives
New APT34 Malware Targets The Middle East
We analyze an infection campaign targeting organizations in the Middle East for cyberespionage in December 2022 using a new backdoor...
TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users
We look into an ongoing malware campaign we named TgToxic, targeting Android mobile users in Taiwan, Thailand, and...
Hijacking Your Bandwidth: How Proxyware Apps Open You Up to Risk
In this investigation, we analyzed several prominent "passive income" applications and found out that there may...
Earth Zhulong: Familiar Patterns Target Southeast Asian Firms
In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Asian firms similar to another well-known...
Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
We discovered an active campaign targeting Eastern Europeans in the cryptocurrency industry using fake job lures. Trend Micro Research,...
Invitation to a Secret Event: Uncovering Earth Yako’s Campaigns
We detail the intrusion set Earth Yako, attributed to the campaign Operation RestyLink or EneLink. This analysis was...
Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack
We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as...
Royal Ransomware Expands Attacks by Targeting Linux ESXi Servers
Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following...
In Review: What GPT-3 Taught ChatGPT in a Year
Amidst the uproar and opinions since November 2022, we look at the possibilities and implications of what OpenAI’s...
A Deep Dive into the Evolution of Ransomware Part 1
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the...
Investigators uncover crypto scammers baiting ‘phish’ hooks on YouTube
A report reveals a new network of malefactors in the lucrative crypto fraud market using videos, channels and...
Cryptocurrency users in the US hit by ransomware and Clipper malware
Learn how to protect your business and staff from the MortalKombat ransomware and Laplas Clipper malware....
Cybersecurity pros less likely to be impacted by layoffs if economy slows
In the face of recession worries, cybersecurity teams would be least affected by staffing cuts...
Security warning: Beep malware can evade detection
Find out how Beep malware can evade your security system, what it can do and how to protect your business....
Using zero trust access to stay compliant & solve common MDM issues
Explore how zero trust can provide solutions for enterprises and users with the CEO of...
Gain an understanding of AI, cybersecurity and more with this $69 resource
The Modern Tech Skills Bundle from CyberTraining 365 offers lifetime access to over 2,000 video...
How to expand your search sources
Explore search services beyond Google and Bing for a wider range of results, customization and privacy options.
IBM: Most ransomware blocked last year, but cyberattacks are moving faster
A new study from IBM Security suggests cyberattackers are taking side routes that are less visible,...
Phishing Resistance – Protecting the Keys to Your Kingdom
If you own a computer, watch the news, or spend virtually any time online these days you have...
Emergency VMware ESXi update fixes Windows Server 2022 VM boot issues
VMware has released a vSphere ESXi update to address a known issue causing some Windows Server...
Activision confirms data breach exposing employee and game info
Activision has confirmed that it suffered a data breach in December 2022 after one of its employees fell...
Windows 11 KB5022905 preview update released with 13 changes
Microsoft has released the February 2023 optional cumulative updates for all editions of Windows 11 22H2 and all...
What is the Best Pen Testing Schedule for Your Development Cycle?
Whether you are using a waterfall method for development, a flexible agile approach, or the always-on...
Hydrochasma hackers target medical research labs, shipping firms
A previously unknown threat actor named Hydrochasma has been targeting shipping and medical laboratories involved in COVID-19 vaccine development and...
VMware warns admins of critical Carbon Black App Control flaw
VMware has released a critical security upgrade to address a critical injection vulnerability that impacts several versions...
New S1deload Stealer malware hijacks Youtube, Facebook accounts
An ongoing malware campaign targets YouTube and Facebook users, infecting their computers with a new information stealer that will...
Hackers now exploit critical Fortinet bug to backdoor servers
Threat actors are targeting Internet-exposed Fortinet appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC...