Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    May 2015
    S M T W T F S
    « Apr    
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  
  • Email Subscription

  • About Us


    Archive for the ‘Targeted Attacks’ Category




    In an interesting turn of events, a C&C used in the Carbanak targeted attack campaign now resolves to an IP linked to the Russian Federal Security Service (FSB). Yesterday, while checking the indicator of compromise (IOC) data from the Carbanak report, when I noticed that the domain name systemsvc.net (which was identified as a C&C server in the report) now resolves to the IP address 213.24.76.23. When I checked for related information, I found that the said IP is under ASN AS8342 RTCOMM-AS OJSC RTComm.RU and its identified location ...

    Posted in Targeted Attacks |



    East Asian government agencies came under siege when attackers targeted several servers within their networks. The said attackers, who showed familiarity and in-depth knowledge of their agencies’ network topology, tools, and software, were able to gain access to their targeted servers and install malware. After which, they used the compromised servers not only as gateways to the rest of the network but also as C&C servers. This particular attack has been active since 2014. The attackers tried to maintain their presence in ...

    Posted in Targeted Attacks |



    Major government sectors and corporations in both Taiwan and the Philippines have become the latest targets in an ongoing attack campaign in the Asia Pacific region. The threat actors behind Operation Tropic Trooper—we named specifically for its choice of targets—aim to steal highly classified information from several Taiwanese government ministries and heavy industries as well as the Philippine military. Throughout March to May 2015, our researchers noted that 62% of the Tropic Trooper-related malware infections targeted Taiwanese organizations while the remaining ...

    Posted in Targeted Attacks |



    Proper network segmentation is the most critical proactive step in protecting networks against targeted attacks.  It is also important for organization to properly identify and categorize their own users and the networks they access. This is an important task as it allows an administrator to properly segment both user privileges and network traffic. Some users will have limited access to sensitive company networks; similarly some networks can be meant for more widely distributed data with other networks. This makes the task of ...

    Posted in Targeted Attacks |



    If you've read enough crime novels or seen enough action movies, the plot is all too familiar to you: an insider - acting to correct some slight or insult he or she received years ago - turns against an organization and inflicts significant damage. Sometimes the insider is on the side of the good guys, sometimes on the bad guys. This makes perfect sense. An insider knows exactly how an organization does things, what they consider valuable, and how they will ...



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice