• Targeted Attacks

  • Hiding in Plain Sight: A New APT Campaign
  • Backdoor Built With Aheadlib Used In Targeted Attacks?
  • Malicious PDFs On The Rise
  • Targeted Attack Campaign Hides Behind SSL Communication
  • New Wave of PlugX Targets Legitimate Apps
  Bookmark the Threat Intelligence Resources site to stay updated on valuable information you can use in your APT defense strategy

• Mobile

  • Get Free Followers! on Instagram? Get Free Malware, Survey Scams Instead
  • Mobile Ads Pushed by Android Apps Lead to Scam Sites
  • Finding Banking Trojans in Eastern Asia – Report From CeCOS VII
  • How Mobile Malware Uses The Web
  • (Lack of) Android Updates To Come Under FTC Scrutiny?
  For information on all mobile threats and other security risks, see Mobile Threat Information Hub on the Trend Micro Threat Encyclopedia.

Archive for the ‘Data’ Category

Tweet

Jan16

What Would Scammers Want With My Information? 10:20 pm (UTC-7)   |    by Kyle Wilhoit (Threat Researcher)

In passing, I recalled talking to my neighbor where I mentioned working in the area of information security. His next question quickly came out- “Why do these scammers want my information?” The more I’m asked this question, the more apparent it becomes that user information is highly valuable. Would it be surprising to know that it would merely cost $5 (USD) to buy all of your personal information on underground forums and sites? Some of you may also be surprised to ...

Posted in Data | TrackBacks (4) »

Tweet

Jan2	Holiday Season Unwraps Phishing, Blackhole Exploit Attacks 9:26 pm (UTC-7)   |    by Paul Pajares (Fraud Analyst)

Ease is the main reason why users are going online for their purchases, especially during the holiday season. While convenient, online shopping poses risks to users' login credentials and personally identifiable information (PII), as cybercriminals can easily craft phishing attacks that lead to data theft. Using Trend Micro Smart Protection Network™ and other proprietary tools, we identified the top created phishing sites for December 2012. Below is a graph of created spoofed sites limited to 50 popular brand names. Based from the ...

Posted in Data, Mobile, Spam | Comments Off

Tweet

Dec28

What Kind of Targeted Attacks Will We See in 2013? 3:33 pm (UTC-7)   |    by Nart Villeneuve (Senior Threat Researcher)

Now that knowledge of targeted attacks, including APT activity, has become mainstream within the broader security community, I predict that 2013 will be a year in which our assumptions will be challenged. We have already seen how successful so-called “technically unsophisticated” attacks have been over the last few years, and I predict they will continue to be so as they are designed to exploit the human factor as much as, if not more, than technology. In his 2013 predictions, our CTO ...

Posted in Data, Malware, Targeted Attacks | Comments Off

Tweet

Dec4	The Dangers of Posting Credit Cards, IDs on Instagram and Twitter 9:26 am (UTC-7)   |    by Loucif Kharouni (Senior Threat Researcher)

These days, cybercriminals and other bad guys on the Internet may no longer have to use infostealing Trojans to gather data from users. Users intentionally posting pictures of their IDs, credit cards on Twitter and Instagram are already doing the job for them. I’ve been noticing several young people (and even adults) who post pictures of their credit and debit cards on Twitter. But lately, I've also seen tons of these images on the photo sharing site Instagram. Some users even ...

Posted in Data, Mobile, Social Media | TrackBacks (2) »

Tweet

Nov30

News from the Underground: Toolkit/Exploit Kit Developments 9:13 pm (UTC-7)   |    by Loucif Kharouni (Senior Threat Researcher)

In the past year, we've noticed many changes in how toolkits and exploit kits are being used.  For starters, the bad guys are spending more time securing their creations , as well as the servers where their malware will be installed. They do this to prevent leaks, as well as to make things harder for security researchers. Here are some of the more well-known names, and what's happened to them recently. ZeuS ZeuS has technically always been purchased and installed in a relatively secure way. Many of ...

Posted in Data | Comments Off