State of OT Security in 2022: Big Survey Key Insights

Compliance & Risks

Learn about the state of OT Security in 2022 by reading the key insights found through surveying more than 900 ICS business and security leaders in the US, Germany and Japan.

By: Hiroyuki Ueno

June 15, 2022

Industrial sectors affected by cyberattacks

It has become evident that critical infrastructure and manufacturing industries worldwide are under threat from cyberattacks,…

Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques

Trend Micro Research observed the resurgence of the Cuba ransomware group that launched a new malware variant using different infection techniques compared to past iterations. We discuss our initial findings in this report.

By: Don Ovid Ladores

June 08, 2022

Cuba ransomware is a malware family that has been seasonally detected since it was first observed in February 2020. It resurfaced…

Closing the Door DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme

The dark blue line in the survival analysis in Figure 8 shows the date range when victims paid the ransom amount. In this analysis, the victims that do not pay the ransom amount are referred to as survivors, while those who do are referred to as terminal. This analysis allows us to better understand the science of ransomware and ransom payout prevention. We can go further and say that for about 5 to 7.5 bitcoins…

Trend Micro Partners With Interpol and Nigeria EFCC for Operation Killer Bee, Takes Down Nigerian BEC Actors

It starts with the malicious actors scraping the internet for public sites containing email addresses, which will be stored in a text file. They also use tools such as Lite Email Extractor to scrape email addresses. To expand their range of targets, the malicious actors also search for specific keywords in Google, such as “LTD PLC” and “manufacturing suppliers.” After obtaining their list of targets, they may share this information with other malicious actors via…

New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices

Ransomware

Trend Micro Research detected “Cheerscrypt”, a new Linux-based ransomware variant that compromises ESXi servers. We discuss our initial findings in this report.

By: Arianne Dela Cruz, Byron Gelera, McJustine De Guzman, Warren Sto.Tomas

May 25, 2022

We recently observed multiple Linux-based ransomware detections that malicious actors launched to target VMware ESXi servers, a bare-metal hypervisor for creating and running several virtual machines (VMs)…

Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware

The Emotet botnet malware is well known in the cybersecurity industry for its success in using spam emails to compromise machines and then selling access to these machines as part of its infamous malware-as-a-service (MaaS) scheme. Operators behind notorious threats such as the Trickbot trojan and the Ryuk or Conti ransomware are among the malicious actors who have used the botnet malware in their attacks. But in January 2021 came news of Emotet’s dismantling, dubbed…

Uncovering a Kingminer Botnet Attack Using Trend Micro Managed XDR

Trend Micro’s Managed XDR team addressed a Kingminer botnet attack conducted through an SQL exploit. We discuss our findings and analysis in this report.

By: Buddy Tancio, Jed Valderama

May 18, 2022

We observed malicious activities in a client’s SQL server that flagged a potential exploit in one public-facing device. A quick look at the Trend Micro Vision One™ Workbench showed…

Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys

Mobile

We recently observed a number of apps on Google Play designed to perform malicious activities such as stealing user credentials and other sensitive user information, including private keys.

By: Cifer Fang, Ford Quin, Zhengyu Dong

May 16, 2022

We recently observed a number of apps on Google Play designed to perform malicious activities such as stealing user credentials and other sensitive user…

Examining the Black Basta Ransomware’s Infection Routine

Ransomware

We analyze the Black Basta ransomware and examine the malicious actor’s familiar infection tactics.

By: Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Katherine Casona, Nathaniel Morales

May 09, 2022

Black Basta, a new ransomware gang, has swiftly risen to prominence in recent weeks after it caused massive breaches to organizations in a short span of time. On April 20, 2022, a user named Black…
