A China-aligned threat group is exploiting unpatched Microsoft Exchange vulnerabilities to conduct cyberespionage against government and critical infrastructure targets across Asia and beyond.
In November, a targeted spear-phishing campaign was observed using Trend Micro-themed lures against various industries, but this was quickly detected and thwarted by the Trend Vision One™ platform.
Trend™ Research examines the complex collaborative relationship between China-aligned APT groups via the new “Premier Pass-as-a-Service” model, exemplified by the recent activities of Earth Estries and Earth Naga.
In this blog entry, we discuss how Shadowpad is being used to deploy a new undetected ransomware family. Attackers deploy the malware by exploiting weak passwords and bypassing multi-factor authentication.
Trend Micro’s monitoring of the MOONSHINE exploit kit revealed how it’s used by the threat actor Earth Minotaur to exploit Android messaging app vulnerabilities and install the DarkNimbus backdoor for surveillance.