Product Research

Security is alive and evolving.

The product research teams within the Trellix Advanced Research Center support our efforts to provide the best security outcomes to our customers by informing the innovation of and roadmap for our XDR ecosystem, as well as improving the efficacy of our products against emerging threats and tradecraft. We support the full portfolio of Trellix detection and prevention products including Email Security, Endpoint Security (ENS, EDR, and HX), Network Security (NX), Network Intrusion Prevention System, Sandbox (Detection as a Service, Advanced Threat Detection), and XDR (Helix).

Research Spotlight

Qakbot Evolves to OneNote Malware Distribution

Since the end of January 2023, there has been an upsurge in the number of Qakbot campaigns using a novel delivery technique: OneNote documents for malware distribution. Moreover, the Trellix Advanced Research Center has detected various campaigns that used OneNote documents to distribute other malware such as AsyncRAT, IcedID, XWorm, etc.

Read more

Email Cyberattacks on Arab Countries Rise in Lead to Global Football Tournament

Email security researchers from the Trellix Advanced Research Center have found attackers to be leveraging FIFA and football-based campaigns to target organizations in Arab countries.

Read more

2022 Election Phishing Attacks Target Election Workers

Trellix identifies cyber threat actors targeting election workers in much the same way election deniers seek to intimidate these workers in the physical realm.

Read more

Countering Follina Attack (CVE-2022-30190) with Trellix Network Security Platform’s Advanced Detection Features

In this blog, we outline how Trellix NSP's advanced detection features can address attacks like Follina (CVE-2022-30190) and how they can be applied to detect the complete attack cycle using the multiple attack correlation capability.

Read more

Beyond Memory Corruption Vulnerabilities: A Security Extinction and Future of Exploitation

This blog outlines how memory corruption exploits will slow down due to the mitigations introduced and predicts how attacks are going to shape up in the future. Based on the exploitation trends noticed over recent years, the blog outlines some of the critical vulnerabilities of the last few quarters and predicts the exploitation strategies of the future.

Read more

Exploiting Tragedy: Fake Donation Scams Amid Earthquake in Turkey & Syria

The recent earthquake that shook Syria and Turkey left a devastating trail of destruction. The whole world has shown its support and solidarity, attempting to bring those impacted by the tragedy to a state of normalcy. Unfortunately, this tragedy has also attracted cybercriminals looking to take advantage of people’s sympathy with fake donation scams.

Read more