Trend Micro Collaborated with Interpol in Cracking Down Grandoreiro Banking Trojan
Trend Micro Collaborated with Interpol in Cracking Down Grandoreiro Banking Trojan | Trend Micro (US) Content has been added to...
Trend Micro Research : Malware
Importance of Scanning Files on Uploader Applications
In the digital age, the ability to upload files is a common feature in many applications, as it allows users...
Cyberespionage Group Earth Hundun’s Continuous Refinement of Waterbear and Deuterbear
Earth Hundun is a cyberespionage-motivated threat actor that has been active for several years in the Asia-Pacific region, targeting the...
TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
Executing domain discovery and persistence commands Aside from malware deployment, we have also seen several attempts to discover network infrastructure...
Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections
The folder also contained an LNK file and a __MACOS folder with payload, this time timestamped Dec. 22, 2023. Similar...
Earth Preta Campaign Uses DOPLUGS to Target Asia
All the files under these folders will be copied to {USB_volume}:Usb Disk: {USB_volume}: {USB_volume}:Kaspersky {USB_volume}:KasperskyUsb Drive {USB_volume}:Usb Drive3.0 {USB_volume}:KasperskyRemovable Disk...
What Generative AI Means for Cybersecurity in 2024
(Mis)using generative AI for cybercrime When public versions of generative AI first hit the scene, some experts worried criminals would...
Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign
Pikabot seems to have a binary version and a campaign ID. The keys 0fwlm4g and v2HLF5WIO are present in the...
Analyzing AsyncRAT’s Code Injection into aspnet_compiler.exe Across Multiple Incident Response…
AsyncRAT scans specific folders within the application directory, browser extensions, and user data to identify folder names associated with particular...
Attack Signals Possible Return of Genesis Market, Abuses Node.js, and…
The next part of the infection chain involved the installation of an old but legitimate Node.js with a valid and...
A Closer Look at ChatGPT’s Role in Automated Malware Creation
In addition to the previously mentioned challenges, ChatGPT cannot generate custom paths, file names, IP addresses, or command and control...
Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential…
Assessing the impact of a phishing attack holds critical importance in incident response. This provides valuable insight into the extent...
Beware: Lumma Stealer Distributed via Discord CDN
Beware Lumma Stealer Distributed via Discord CDN Content has been added to your Folio Go to Folio (0) close Cyber...
Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant
Almost a year after Void Rabisu shifted its targeting from opportunistic ransomware attacks with an emphasis on cyberespionage, the threat...
DarkGate Opens Organizations for Attack via Skype, Teams
Conclusion and recommendations In this case study, the attack was detected and contained before the actor could achieve their objectives....
