Trend Micro

NukeSped Copies Fileless Code From Bundlore, Leaves It Unused

While investigating samples of NukeSped, a remote access trojan (RAT), Trend Micro came across several Bundlore adware samples using the same fileless routine that was spotted in NukeSped.

Threat Actors in Recent Campaign Pose as Darkside to Target Energy and Food Sectors

The content of the emails led researchers to believe that they did not come from DarkSide, but from an attacker trying to profit off the current situation around DarkSide ransomware activities.

Bash Ransomware DarkRadiation Targets Red Hat and Debian-based Linux Distributions

Most components of this ransomware attack target Red Hat and CentOS Linux distributions; however, some scripts include Debian-based Linux distributions as well.

TeamTNT Targets Kubernetes Clusters and Infiltrates Nearly 50,000 IPs in Worm-like Attack

Most of the compromised nodes were from China and the United States — identified in the ISP list, which had Chinese and US-based providers as the highest hits, including some CSPs.

TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software

The cybercriminal group TeamTNT is no stranger to targeting cloud containers, expanding their arsenal to steal cloud credentials, and exploring other environments and intrusive activities.

How Cybercriminals Abuse OpenBullet for Credential Stuffing

As the business of acquiring unique credentials continues to become more lucrative, cybercriminals are growing their attack tools and techniques by abusing legitimate software for nefarious purposes.

Deepfakes Are Getting Closer to Reality

Several positive steps continue to be taken by organizations such as the European Union and the U.S. FTC to curb possible malicious uses and abuses of AI via new regulations.

Water Pamola Campaign Targeted E-Commerce Sites in Japan, Australia, and Europe via Malicious Orders

Water Pamola sent online shopping orders appended with a malicious XSS script to attack e-commerce administrators. These scripts were managed with an XSS attack framework called "XSS.ME."

Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools

As Linux attracts more attention from malicious actors, researchers have seen threats evolving — abusing services like Ngrok and using functions to hunt and kill other competing malware.

Chopper ASPX web shell used in targeted attack

Web shells can be embedded on servers and can be used by attackers to launch arbitrary code. In as little as 15 bytes, web shells can enable remote administration of an infected machine or system.
