Trellix

CISOs seeking growth beyond technical and infosec expertise are poised for transformational leadership in their organizations, but what distinguishes a transformational CISO? 💡 It comes down to three critical skills. Explore the eBook from our CISO Council to learn why mastering these skills will set CISOs up for success as they tackle increased reporting responsibilities. https://bit.ly/4i7NMRQ

This #WomensHistoryMonth, we're focusing on the theme 'Accelerate Action' by highlighting the vital role of visibility, access, and opportunity for women. 💙 We are dedicated to making women visible and creating a more equitable future for all, so we asked a few women leaders at Trellix to share their personal insights. More from Katie Ruiters, Kristin Eckels, Paola Chadwell, and Trish Tobin via the blog. https://bit.ly/4bGvSTS

Want a look at the capabilities of Trellix solutions? Access our library of 30-minute Trellix On-Demand Tech Talks to get a peek inside the industry’s most comprehensive portfolio of cybersecurity solutions. 👉 https://bit.ly/3EzZwh3

Spring is here, and so are this week’s latest cybersecurity threats, thanks to the Trellix Advanced Research Center. 🌻🌱 https://bit.ly/46JIoxB 1️⃣ Threat Profile: Sandworm Team Threat level: High 🟥 The Sandworm Team is a highly sophisticated cyber-espionage and cyber-warfare group believed to be associated with the Russian military intelligence agency GRU (Main Intelligence Directorate). 2️⃣ OBSCURE#BAT Campaign Deploys Stealthy r77 Rootkit Threat level: Medium 🟧 The OBSCURE#BAT malware campaign targets English-speaking users. Key features include the ability to mask files, processes, & registry entries, monitoring of user activities, & anti-analysis capabilities. 3️⃣ SocGholish Malware Enables RansomHub Ransomware Distribution Threat level: Medium 🟧 SocGholish operates as a malware-as-a-service framework, enabling RansomHub ransomware attacks through a multi-stage infection chain, targeting US government, banking, & consulting sectors. 4️⃣ SideWinder APT Targets Maritime And Nuclear Sectors Threat level: Medium 🟧 SideWinder APT employed an infection chain with spear-phishing emails & exploited CVE-2017-11882, focusing on maritime infrastructure, logistics companies, & nuclear sector organizations. 5️⃣ ClickFix Social Engineering Technique Used To Exploit Victims Via Fake Captcha Threat level: Medium 🟧 ClickFix exploits user trust by presenting fake security checks (commonly reCAPTCHA) that automatically copy malicious PowerShell commands to users' clipboards. 6️⃣ Threat Profile: LummaC2 Stealer Threat level: Medium 🟧 LummaC2 Stealer is specifically designed to target both Chromium and Mozilla-based web browsers, with a focus on compromising crypto wallets, browser extensions, and two-factor authentication (2FA) mechanisms. 7️⃣ Booking.com Phishing Campaign Delivers Credential-Stealing Malware Suite Threat level: Medium 🟧 The campaign impersonates Booking.com and employs the ClickFix social engineering technique to trick users into executing malicious commands through Windows Run. 8️⃣ Blind Eagle APT Uses Double Extension Files To Compromise Colombian Targets Threat level: Medium 🟧 Blind Eagle APT conducted a cyber campaign targeting Colombian institutions from Nov. 24 – Feb. 25, with over 1,600 infections in one wave. 9️⃣ Medusa Ransomware Attacks Continue To Increase Threat level: Medium 🟧 The Medusa ransomware operation has shown consistent growth since 2023, with attacks increasing 42% from 2023-2024, using consistent TTPs, including exploiting Microsoft Exchange vulns for initial access. 🔟 Mirai Botnet Exploits Edimax Cameras Through Command Injection Threat level: Low 🟨 Multiple Mirai botnet variants were uncovered exploiting a command injection vulnerability (CVE-2025-1316) in Edimax IoT cameras.

Happy #WinningWednesday! 🏆 #TeamTrellix is proud to provide advanced threat protection with our Endpoint Security Suite.  In these Gartner Peer Experiences reviews, customers highlight Trellix Endpoint Security’s remarkable features and reliability. Learn more via #GartnerPeerInsights.   🤝 Supportive: https://gtnr.io/8PHHwYobi  ✅ Easy to use: https://gtnr.io/ZQrEHgHEb  🔐 Advanced threat protection: https://gtnr.io/8nNKB5nD5 

Trellix Data Security provides the tools to protect, comply, and simplify security within organizations. See how we provide real-time visibility and management within a single console in our virtual product tour. https://bit.ly/3A2okMG

Telegram user @/ExploitWhispers recently leaked Black Basta RaaS Matrix chat logs, citing potential involvement with attacks on Russian banks. 📲 Our analysis didn’t confirm those specific claims, but did identify: ✔️ Two physical offices in Moscow ✔️ Use of AI to conduct fraud ✔️ Collaboration with other malware families, including Rhysida & Cactus Read the full analysis via the Advanced Research Center blog by Head of Threat Intelligence John Fokker and Security Researcher Jambul Tologonov. ➡️ https://bit.ly/4hLfN0u

Cobalt Strike has been the primary tool used by threat actors, but now, it’s use is decreasing due to the work of Fortra, Microsoft, and Health-ISAC. Through targeted takedowns and strategic infrastructure disruption, these companies banded together to drastically reduce this program’s misuse. See how this shift marks a significant win for cybersecurity defenders. ➡️ https://bit.ly/4iurmtN

The proof is in the results. 📊 AV-TEST's November-December 2024 test cycle results are something worth celebrating — Trellix Endpoint Security not only received a perfect score but also secured the Top Product award! 🥇 View the full report here. https://bit.ly/4aJKgKm

For many CISOs, reporting to their organization’s board is a relatively recent phenomenon — one that requires preparation, confidence, and an ability to present cybersecurity updates in terms of business investments and resilience rather than incidents and risks. 💡 📖 Founded on the principle of information sharing, the Trellix CISO Council unites global influential leaders to educate the industry. Our latest eBook, Reporting to the Board: A Best Practices Guide, offers expert recommendations and resources and is designed to be a guiding light for CISOs as they navigate this new frontier. https://bit.ly/4i7NMRQ