Daniel Lunghi
Threat researcher at Trend Micro mostly focused on APT
- We investigated an #APT with links to Void Rabisu (Romcom) that used Trend Micro updates as a lure in a recent campaign involving vulnerability exploitation. There were at least 4 stages before the final payload, some of them being tailored to the targeted machine www.trendmicro.com/en_us/resear...
- We saw Earth Estries, an advanced #APT intrusion set, sharing its access to Earth Naga (Flax Typhoon). We introduce the term "Premier Pass" to describe this behavior, and propose a four-tier classification framework for collaboration types among advanced groups www.trendmicro.com/en_us/resear...
- We released a report on an updated version of #Shadowpad including anti-debugging features and a new configuration structure, that in some cases deploys a custom ransomware family. We have mainly seen the manufacturing industry being targeted in Europe and Asia www.trendmicro.com/fr_fr/resear... #APT
- Intelligence Online links the MOONSHINE framework that we discussed in our Earth Minotaur report (www.trendmicro.com/en_us/resear...) to a Chinese company www.intelligenceonline.com/surveillance... (article is free but needs registration to access it). Happy new year UPSEC! 😘