    TrendLabs Security Intelligence Blog

    Archive for the ‘Targeted Attacks’ Category




    The security of an enterprise depends not only on the organization itself, but also on the security of its IT supply chain and contractors. These represent potential weak points in the security of any organization. Third-party contractors and suppliers have been used to compromise larger organizations. Target's breach began with a breach of a contractor involved in heating, ventilation, and air conditioning (HVAC) solutions. A 2011 hack on Lockheed Martin was blamed in part on information stolen from a hack on ...

    Posted in Targeted Attacks



    Today, we are publishing a research paper on an ongoing operation launched by a threat actor group known as Rocket Kitten.

    Rocket Kitten Campaigns

    We have been able to observe two different campaigns launched by the group, one after the other, which reveal an evolution in the skills of this group. The first of these campaigns has already been exposed at 31C3 by Tillmann Werner and Gadi Evron. That campaign started with traditional spear phishing e-mails that use basic social engineering techniques to entice the targeted ...

    Posted in Targeted Attacks



    Throughout the course of my monitoring of future and possible targeted attacks, I recently chanced upon a spear-phishing email sent to an undisclosed recipient that contains three seemingly harmless documents. I was curious about the attached documents, so I first checked the one titled AlSajana Youth Center financial Report.docx. The so-called financial report turned out to be a non-malicious document (see Figure 1) but the other two attached files struck me as suspicious as well. Their file names were u0627u0644u0645u0639u062Fu064429u0.docx and u0625u0646u062Cu0644u064Au0632u0649.doc. Figure 1. Sample ...




    Information about the overall threat landscape can be gathered from many sources. One useful method is to look at the overall activity of command-and-control (C&C) servers, as used in botnets, targeted attacks, and in attacks against the broader Internet user base. We are able to combine various threat intelligence sources, including feedback from the Trend Micro™ Smart Protection Network™, to get a glimpse of C&C server activity (these are displayed in real time on the Global Botnet Map). Our findings below reflect the information ...

    Posted in Targeted Attacks



    Last week, we released a research paper titled “Operation Arid Viper: Bypassing the Iron Dome” where we detailed two related campaigns. To recall, here are our key findings related to the two campaigns: Palestinian threat actors have staged a targeted attack, Operation Arid Viper, to exfiltrate data from high-profile targets in the Israeli government and have been doing so since mid-2013. The attacks are still ongoing, coinciding with the political tension between Israel and Palestinians. Investigation of the Germany-hosted server used in Arid ...

    Posted in Targeted Attacks


     
