Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit

Trend Micro – We look into a recent attack orchestrated by the Black…

Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware

Trend Micro – Lateral movement to machines in the network: After the initial infection with Cobalt Strike, we observed that the threat actor dropped node.exe, which is…

Conti vs. LockBit: A Comparative Analysis of Ransomware Groups

Trend Micro – We compare the targeting and business models of the Conti and LockBit ransomware groups…

Private Network 5G Security Risks & Vulnerabilities

Trend Micro – The move towards 5G is accelerating as enterprises seek greater security, flexibility, and reliability in 5G than earlier cellular, wireless, or wired connectivity. And…

Trend Micro CEO Discusses Need for a Unified Cybersecurity Platform

Trend Micro – In the face of evolving cyberattacks, an ever-expanding digital attack surface, and…

Security 101: Cloud-native Virtual Patching

Trend Micro – As an enterprise’s online infrastructures become more complex — from their decentralization to the adoption of cloud, mobile, and internet-of-things (IoT) technologies — patch…

Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques

Trend Micro – Trend Micro Research observed the resurgence of the Cuba ransomware group that launched a…

Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme

Trend Micro – The dark blue line in the survival analysis in Figure 8 shows the date range when victims paid the ransom amount. In this analysis,…

YourCyanide: A CMD-based Ransomware With Multiple Layers of Obfuscation

Trend Micro – GONNACOPE: File, SHA256, Detection…

INTERPOL hauls in alleged Nigerian cybercrime ringleader

Written by Tonya Riley, May 25, 2022 | CYBERSCOOP – The cybercrime unit of the Nigeria Police Force alongside INTERPOL arrested a 37-year-old Nigerian man for allegedly running a massive cybercrime…