The Risk of Ransomware Supply Chain Attacks

Ransomware has been a major threat to cybersecurity throughout the years, dominating boardroom discussions. It is a type of malware that prevents or limits users from accessing their systems. Malicious actors lock the system’s screen or user files until a hefty ransom is paid. First seen in Russia between 2005 and 2006, ransomware’s popularity as a business model spread across the globe. By 2012, Trend Micro had observed a continuous spread of infections across Europe…

Security Breaks: TeamTNT’s DockerHub Credentials Leak

We constantly deploy and study our honeypots to get a view of actively exploited vulnerabilities and misconfigurations on platforms and services that pose cloud security risks. One of these honeypots is based on an exposed Docker REST API, for analysis from cloud service providers’ and users’ perspectives. Upon analyzing the samples, we came to understand the threat actors’ use of container registry features for Docker malware and their tactics, techniques, and procedures (TTPs). Our…

Tackling the Growing and Evolving Digital Attack Surface 2022 Midyear Cybersecurity Report

According to our Trend Micro Smart Protection Network (SPN) platform, Emotet detections soared in the first six months of 2022 with 148,701 detections compared to the 13,811 detections in the first half of the previous year. Based on our telemetry, Japan was the country with the highest number of detections.

Comparison of Emotet detections
Year     Count
1H 2021  13,811
1H 2022  148,701
Source: Trend Micro Smart Protection Network

Top five countries with Emotet detections
Country…

New Golang Ransomware Agenda Customizes Attacks

Analysis and notable features

The Agenda ransomware is a 64-bit Windows PE file written in Go. Go programs are cross-platform and completely standalone, meaning they will execute properly even without a Go interpreter installed on a system. This is possible since Go statically compiles necessary libraries (packages). Upon execution, this ransomware accepts various command-line arguments that define the malware flow and functionality, as listed in the table below.

Argument  Description
-alter {int}  Defines the port number…

Oil and Gas Cybersecurity: Recommendations Part 3

Cyber Threats
In the final part of our series, we look at the APT33 case study and several recommendations from our expert team.
By: Trend Micro, August 15, 2022

The oil and gas industry continues to be a prime target for threat actors who want to disrupt the operation and wreak havoc. In part two, we discussed various threats that can affect an oil…

Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users

We confirmed that both the legitimate and the malicious versions of the chat installer were unsigned, which means the users of MiMi chat were probably used to all these extra steps to finally install the application despite all the macOS watchguards.

HyperBro

The HyperBro malware family has been around since 2017 and has been extensively analyzed. It was updated in mid-2019, which we described in detail in our Operation DRBControl paper. The version used in…

CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies

Malware
We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension.
By: Jaromir Horejsi, Joseph C Chen, August 11, 2022

We published our analyses on CopperStealer distributing malware by abusing various components such as browser stealer, adware browser extension, or remote desktop. Tracking the cybercriminal group’s latest…

Oil and Gas Cybersecurity: Threats Part 2

Cyber Threats
In part two of our oil and gas series, we look at more threats that can expose the industry to cyberattacks.
By: Trend Micro, August 11, 2022

The Russia-Ukraine war has posed threats to the oil and gas industry. Our team even uncovered several alleged attacks perpetrated by various groups during research in March 2022. In part one, we exhibit how a…

Forecasting Metaverse Threats: Will it Become Metaworse?

The term “metaverse” was first used by Neal Stephenson in his 1992 cyberpunk novel Snow Crash. It describes a virtual world that can be explored using avatars, offering players a completely immersive experience. Today, we see similar worlds in massively multiplayer online role-playing games (MMORPGs) such as Roblox, Minecraft, Fortnite, Second Life, and others, but these games are still nowhere close to the immersive experience described in Snow Crash.  The modern metaverse concept consists of…

Oil and Gas Cybersecurity: Industry Overview Part 1

The oil and gas industry is no stranger to major cybersecurity attacks, attempting to disrupt operations and services. Most of the best understood attacks against the oil industry are initial attempts to break into the corporate networks of oil companies. Geopolitical tensions can cause major changes not only in physical space, but also in cyberspace. In March 2022, our researchers observed several alleged cyberattacks perpetrated by different groups. It has now become important more than…
