We discovered a variant of the Trickbot banking trojan (detected by Trend Micro as TrojanSpy.Win32.TRICKBOT.THDEAI) using a redirection URL in a spam email. The redirection URL is a way to sidestep spam filters that may block Trickbot at the onset.
Read More
We discovered the Confluence vulnerability CVE-2019-3396 being used to deliver a cryptocurrency-mining malware containing a rootkit that was designed to hide its activities.
Read More
We uncovered a recent activity involving the notorious online credit card skimming attack known as Magecart. The attack, facilitated by a new cybercrime group, impacted 201 online campus stores in the United States and Canada.
Read More
Our honeypot sensors recently detected an AESDDoS botnet malware variant (detected by Trend Micro as Backdoor.Linux.AESDDOS.J) exploiting a server-side template injection vulnerability (CVE-2019-3396) in the Widget Connector macro in Atlassian Confluence Server, a collaboration software program used by DevOps professionals.
Read More Over the years, Emotet, the banking malware discovered by Trend Micro in 2014, has continued to be a prevalent and costly threat. Recently, an analysis of Emotet traffic has revealed that new samples use a different POST-infection traffic than previous versions. It seems Emotet actors are looking for new ways to evade detection.
Read More