Research, News, and Perspectives

APT & Targeted Attacks

U.S. Justice Department Charges APT41 Hackers over Global Cyberattacks

The United States Justice Department announced that it was charging five Chinese citizens with hacking crimes committed against over 100 institutions in the United States and abroad. These five individuals were reportedly connected to the hacking group known as APT41.

This Week in Security News: AWS Outposts Ready Launches With 32 Validated Partners and Staples Hit by a Data Breach

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days

"Zerologon” and the Value of Virtual Patching

A new CVE was released recently that has made quite a few headlines

Expert Perspective Sep 16, 2020

1H 2020 Cyber Security Defined by Covid-19 Pandemic

Malicious actors have always taken advantage of big news to use as lures for socially engineered threats, but these events tend to be fairly short news cycles. When Covid-19 started making headlines in early 2020, we started seeing new threats using this in the attacks.

Sep 15, 2020

Ransomware

Boosting Impact for Profit: Evolving Ransomware Techniques for Targeted Attacks

A closer look at ransomware: Their changing techniques, targets, best practices, and solutions to defend and mitigate against them.

Sep 15, 2020

Malware

Analysis of a Convoluted Attack Chain Involving Ngrok

The Trend Micro ™ Managed XDR team recently handled an incident involving one of Trend Micro’s customers. The incident revealed how a malicious actor incorporated certain techniques into an attack, making it more difficult for blue teams and security researchers alike to analyze the chain of events in a clean and easily understandable manner.

Research Sep 14, 2020

Malware

War of Linux Cryptocurrency Miners: A Battle for Resources

This blog will discuss the ruthless battle for computing power among the different cryptocurrency-mining malware that target Linux systems. We also discuss the shifts in entry points that cover Docker environments and applications with open APIs.

Research Sep 10, 2020

Exploits & Vulnerabilities

September Patch Tuesday Updates Exchange, SharePoint

This month’s update includes 129 updates for the Microsoft Office suite, with 15 specifically addressing SharePoint vulnerabilities.

Purple Fox EK Relies on Cloudflare for Stability

We’ve talked about Purple Fox malware being delivered by the Rig exploit kit. Other researchers later found evidence that it had its own delivery mechanism, and thus named it the Purple Fox exploit kit. We recently found a spike in the Purple Fox exploit kit with improved delivering tactics.

Research Sep 09, 2020

Cloud

Exposed Docker Server Abused to Drop Cryptominer, DDoS Bot

Malicious actors continue to target environments running Docker containers. We recently encountered an attack that drops both a malicious cryptocurrency miner and a DDoS bot on a Docker container built using Alpine Linux as its base image.

Research Sep 08, 2020

Research, News, and Perspectives

Trending Topics