Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO Ransomware The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact. By: Nathaniel Morales, Katherine Casona, Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Maristel Policarpio, Jacob Santos March 04, 2024 The RA World […]
Trend Micro discovered a new attack campaign exploiting the now-patched security bypass bug (CVE-2023-36035) in Windows SmartScreen to spread a new strain of the Phemedrone Stealer. The malware targets cryptocurrency wallets and messaging apps, including Telegram, Steam, and Discord. Diving into details: The Phemedrone Stealer infection begins with the attacker placing a set of malicious […]
Trend Micro observed Water Curupira actively propagating the Pikabot loader malware as part of campaigns, more aggressively in Q4 2023. Water Curupira is a Black Basta ransomware affiliate. Diving into details: Pikabot gained notoriety for its sophisticated multi-stage attack mechanism, capable of deploying a decrypted shellcode that extracts another DLL file, the actual payload. […]
Rivers Casino Des Plaines hit by major data breach Cyber-attacks on gambling companies appear to be a trend among hackers, as last week, the owners of Rivers Casino Des Plaines reported a cyber incident. The data breach reportedly stayed unnoticed for months – it happened in August but was discovered and patched in November. Rivers […]
Microsoft says four Exchange vulnerabilities disclosed by Trend Micro’s Zero Day Initiative (ZDI) last week have either already been patched or they don’t require immediate attention. ZDI disclosed the existence of four high-severity Exchange vulnerabilities identified by the company’s Piotr Bazydlo after being informed by Microsoft that the issues do not require immediate servicing. According […]
The SlashNext State of Phishing Report 2023 has unveiled a concerning trend in the cybersecurity landscape, revealing a 1265% surge in malicious phishing emails since Q4 2022. The annual report, compiled by SlashNext Threat Labs, encompasses an analysis of threats observed across email, mobile and browser channels over 12 months, from Q4 2022 to Q3 2023. […]
Sep 30, 2023 THN Ransomware / Cyber Threat The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023. “During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, […]
Sep 20, 2023 THN Zero Day / Vulnerability Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free Business Security solutions for Windows that has been actively exploited in real-world attacks. Tracked as CVE-2023-41179 (CVSS score: 9.1), it relates to a third-party antivirus uninstaller module that’s bundled […]
Espionage actors are continuing to mount attacks on critical national infrastructure (CNI) targets, a trend that has become a source of concern for governments and CNI organizations worldwide. Symantec’s Threat Hunter Team has found evidence that a threat actor group Symantec calls Redfly used the ShadowPad Trojan to compromise a national grid in an Asian […]