Analyzing AsyncRAT’s code injection into aspnet_compiler.exe across multiple incident response cases

During their recent investigations, the Trend Micro Managed XDR (MxDR) team handled various cases involving AsyncRAT, a Remote Access Tool (RAT) with multiple capabilities,  such as keylogging and remote desktop control, that make it a substantial threat to victims. This Read More …

TA571 Delivers IcedID Forked Loader

Proofpoint researchers identified TA571 delivering the Forked variant of IcedID in two campaigns on 11 and 18 October 2023. Both campaigns included over 6,000 messages, each impacting over 1,200 customers in a variety of industries globally. Emails in the campaigns Read More …

Cyberattacks against the aviation industry linked to Nigerian threat actor

Researchers have unmasked a lengthy campaign against the aviation sector, beginning with the analysis of a Trojan by Microsoft. On May 11, Microsoft Security Intelligence published a Twitter thread outlining a campaign targeting the “aerospace and travel sectors with spear-phishing Read More …

Airline Credential-Theft Takes Off in Widening Campaign

A two-year-old espionage campaign against the airline industry is ongoing, with AsyncRAT and other commodity remote-access trojans (RATs) helping those efforts take flight. The campaign can effectively be a bird strike to the business engine, so to speak, resulting in Read More …

Fresh Loader Targets Aviation Victims with Spy RATs

A cyberattack campaign that goes after aviation targets has been uncovered, which is spreading remote access trojan (RAT) malware bent on cyber-espionage. Researchers from Microsoft said this week on Twitter that spear-phishing emails are the main attack vector. Individuals in Read More …