Facebook's Metaverse is Expanding the Attack Surface
Understand the cybersecurity risks in the Metaverse
We recently found a new advanced persistent threat (APT) group that we have dubbed Earth Berberoka (aka GamblingPuppet). This APT group targets gambling websites on Windows, macOS, and Linux platforms using old and new malware families.
Understand the cybersecurity risks in the Metaverse
With geopolitical tensions running high, oil and gas companies may be more susceptible to cyberattacks.
This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be planning to expand its operations through these fraudulent apps and its recruitment of ransomware-as-a-service affiliates.
In this blog post, we discuss the technical details of a new banking dropper that we have dubbed DawDropper, give a brief history of banking trojans released in early 2022 that use malicious droppers, and elaborate on cybercriminal activities related to DaaS in the deep web.
Streamlining and enhancing security in the cloud with AWS and Trend Micro
Gootkit has been known to use fileless techniques to drop Cobalt Strike and other malicious payloads. Insights from a recent attack reveal updates in its tactics.
This post relays the latest threat detection tool innovation of AWS - Amazon GuardDuty Malware Protection. This tool works closely with Trend Micro cloud solutions, providing another valuable layer of defence in our fight against a shared adversary.
In June 2022, LockBit revealed version 3.0 of its ransomware. In this blog entry, we discuss the findings from our own technical analysis of this variant and its behaviours, many of which are similar to those of the BlackMatter ransomware.
In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware distribution and cryptojacking.
We discovered the use of two Python penetration-testing tools, Impacket and Responder, that malicious actors used to compromise systems and exfiltrate data. We share our key findings in this report.