Mekotio Banking Trojan Threatens Financial Systems in Latin America
We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we'll provide an overview of the trojan and what it does.
Trend Micro Research, News and Perspectives
AI Pulse: Siri Says Hi to OpenAI, Deepfake Olympics & more
9 months 4 weeks ago
AI Pulse is a new blog series from Trend Micro on the latest cybersecurity AI news. In this edition: Siri says hi to OpenAI, fraud hogs the AI cybercrime spotlight, and why the Paris Olympics could be a hotbed of deepfakery.
AI Team
Examining Water Sigbin's Infection Routine Leading to an XMRig Cryptominer
9 months 4 weeks ago
We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner.
Ahmed Mohamed Ibrahim
ICO Scams Leverage 2024 Olympics to Lure Victims, Use AI for Fake Sites
10 months ago
In this blog we uncover threat actors using the 2024 Olympics to lure victims into investing in an initial coin offering (ICO). Similar schemes have been found to use AI-generated images for their fake ICO websites.
Cedric Pernet
AI Coding Companions 2024: AWS, GitHub, Tabnine + More
10 months ago
AI coding companions are keeping pace with the high-speed evolution of generative AI overall, continually refining and augmenting their capabilities to make software development faster and easier than ever before. This blog looks at how the landscape is changing and key features of market-leading solutions from companies like AWS, GitHub, and Tabnine.
Attackers in Profile: menuPass and ALPHV/BlackCat
10 months ago
To test the effectiveness of managed services like our Trend Micro managed detection and response offering, MITRE Engenuity™ combined the tools, techniques, and practices of two globally notorious bad actors: menuPass and ALPHV/BlackCat. This blog tells the story of why they were chosen and what makes them threats to be reckoned with.
Omdia Report: Trend Disclosed 60% of Vulnerabilities
10 months ago
The latest Omdia Vulnerability Report shows Trend MicroTM Zero Day InitiativeTM (ZDI) spearheaded 60% of 2023 disclosures, underscoring its role in cybersecurity threat prevention.
Dustin Childs
Worldwide 2023 Email Phishing Statistics and Examples
10 months 1 week ago
Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in 2023.
Worldwide 2023 Email Phishing Statistics and Examples
10 months 1 week ago
Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in 2023.
Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework
10 months 1 week ago
We recently discovered a new threat actor group that we dubbed Void Arachne. This group targets Chinese-speaking users with malicious Windows Installer (MSI) files in a recent campaign. These MSI files contain legitimate software installer files for AI software and other popular software but are bundled with malicious Winos payloads.
Peter Girnus
Not Just Another 100% Score: MITRE ENGENUITY ATT&CK
10 months 1 week ago
The latest MITRE Engenuity ATT&CK Evaluations pitted leading managed detection and response (MDR) services against threats modeled on the menuPass and BlackCat/AlphV adversary groups. Trend Micro achieved 100% detection across all 15 major attack steps with an 86% actionable rate for those steps— balancing detections and business priorities including operational continuity and minimized disruption.
Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups
10 months 2 weeks ago
This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.
Hara Hiroaki
Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers
10 months 3 weeks ago
We analyze a cryptojacking attack campaign exploiting exposed Docker remote API servers to deploy cryptocurrency miners, using Docker images from the open-source Commando project.
Sunil Bharti
TargetCompany’s Linux Variant Targets ESXi Environments
10 months 3 weeks ago
In this blog entry, our researchers provide an analysis of TargetCompany ransomware’s Linux variant and how it targets VMware ESXi environments using new methods for payload delivery and execution.
Darrel Tristan Virtusio
SANS's 2024 Threat-Hunting Survey Review
10 months 3 weeks ago
In its ninth year, the annual SANS Threat Hunting Survey delves into global organizational practices in threat hunting, shedding light on the challenges and adaptations in the landscape over the past year.
Guide to Better Extended Threat Detection and Response (XDR)
10 months 3 weeks ago
Discover how XDR can enhance threat detection and response to improve a SecOps team’s efficiency and outcomes.
It's Time to Up-Level Your EDR Solution
10 months 3 weeks ago
You may have EDR, but did you know you can add threat detection and response to improve a SecOps team’s efficiency and outcomes - read more.
Explore AI-Driven Cybersecurity with Trend Micro, Using NVIDIA NIM
10 months 3 weeks ago
Discover Trend Micro's integration of NVIDIA NIM to deliver an AI-driven cybersecurity solution for next-generation data centers. Engage with experts, explore demos, and learn strategies for securing AI data centers and optimizing cloud performance.
Decoding Water Sigbin's Latest Obfuscation Tricks
10 months 4 weeks ago
Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against.
Sunil Bharti
RSAC 2024 Review: AI & Data Governance Priorities
10 months 4 weeks ago
Get our take on the RSA 2024 conference where we review some of the major topics covered such as AI and data governance.
Shannon Murphy
Checked
2 hours 53 minutes ago