Content added to Folio

Research, News, and Perspectives

Add Filters
Filter by:
Threats
Environments
Article Type
Medium
Forging Ahead in 2023: Insights From Trend Micro’s 2023 Security Predictions
Cyber Threats

Forging Ahead in 2023: Insights From Trend Micro’s 2023 Security Predictions

In 2023, cybercriminals and defenders alike will have to move forward with caution in the face of a business landscape that’s fraught with security blindsides and economic ebbs and flows.

December 13, 2022

Trending Topics

Cyber Threats

“Payzero” Scams and The Evolution of Asset Theft in Web3

Malware

Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures

Cloud

Attacking The Supply Chain: Developer

Ransomware

New Mimic Ransomware Abuses Everything APIs for its Encryption Process

Cyber Crime

Earth Zhulong: Familiar Patterns Target Vietnam

In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Vietnam's telecom, technology, and media sectors similar to another well-known threat actor. In this article, we unravel their new tactics, techniques and procedures that they apply on their misdeeds.

Research Feb 08, 2023

Save to Folio

Research Feb 08, 2023

Save to Folio

Malware

TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users

We look into an ongoing malware campaign we named TgToxic, targeting Android mobile users in Taiwan, Thailand, and Indonesia since July 2022. The malware steals users’ credentials and assets such as cryptocurrency from digital wallets, as well as money from bank and finance apps. Analyzing the automated features of the malware, we found that the threat actor abused legitimate test framework Easyclick to write a Javascript-based automation script for functions such as clicks and gestures.

Feb 03, 2023

Save to Folio

Feb 03, 2023

Save to Folio

APT & Targeted Attacks

New APT34 Malware Targets The Middle East

We analyze an infection campaign targeting organizations in the Middle East for cyberespionage in December 2022 using a new backdoor malware. The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers.

Feb 02, 2023

Save to Folio

Feb 02, 2023

Save to Folio

Ransomware

New Mimic Ransomware Abuses Everything APIs for its Encryption Process

Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage.

Research Jan 26, 2023

Save to Folio

Research Jan 26, 2023

Save to Folio

Cloud

Attacking The Supply Chain: Developer

In this proof of concept, we look into one of several attack vectors that can be abused to attack the supply chain: targeting the developer. With a focus on the local integrated developer environment (IDE), this proof considers the execution of malicious build scripts via injecting commands when the project or build is incorrectly “trusted”.

Jan 25, 2023

Save to Folio

Jan 25, 2023

Save to Folio

Ransomware

Vice Society Ransomware Group Targets Manufacturing Companies

In this blog entry, we’d like to highlight our findings on Vice Society, which includes an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry.

Research Jan 24, 2023

Save to Folio

Research Jan 24, 2023

Save to Folio

Cyber Threats

“Payzero” Scams and The Evolution of Asset Theft in Web3

In this entry, we discuss a Web3 fraud scenario where scammers target potential victims via fake smart contracts, and then take over their digital assets, such as NFT tokens, without paying. We named this scam “Payzero”.

Research Jan 18, 2023

Save to Folio

Research Jan 18, 2023

Save to Folio