- June 02, 2020Access control devices that use facial recognition manage entry and exit into an enterprise’s premises. They are essentially the first line of defense for many businesses, but are they secure?
- April 21, 2020A spam campaign that spreads the Ursnif spyware has attachments named after an Australian insurance provider.
- March 19, 2020The notorious threat group Pawn Storm has been known to target high-profile entities, from governments to media for years. This research paper looks into the ways the group compromised email addresses and servers to facilitate credential phishing attacks.
Operation DRBControl: Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast AsiaFebruary 18, 2020The DRBControl campaign attacks its targets using a variety of malware and techniques that coincide with those used in other known cyberespionage campaigns.
- January 10, 2020At least three hacking groups have been identified aiming to interfere with or disrupt power grids across the United States. Attempts in attacking the utilities industry are on the rise, according to a report on the state of industrial control systems (ICSs).
- January 07, 2020A web skimming attack was used to target a school administration software that handles school accounting, student fees, and online stores for K-12 and other educational institutions.
- November 14, 2019Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks: through TCP amplification.
- October 16, 2019The Winnti group has been reported to be using a previously undocumented backdoor named PortReuse presumably as a jump-off point from where the threat actors can launch supply chain attacks.
- September 25, 2019Emotet (detected by Trend Micro as TrojanSpy.Win32.EMOTET.THIBEAI) which recently resurfaced, is quick to expand its campaign to bank on the popularity of former CIA contractor and NSA whistleblower Edward Snowden’s bestselling memoir.