Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    May 2015
    S M T W T F S
    « Apr    
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  
  • Email Subscription

  • About Us


    Archive for the ‘Targeted Attacks’ Category




    If you've read enough crime novels or seen enough action movies, the plot is all too familiar to you: an insider - acting to correct some slight or insult he or she received years ago - turns against an organization and inflicts significant damage. Sometimes the insider is on the side of the good guys, sometimes on the bad guys. This makes perfect sense. An insider knows exactly how an organization does things, what they consider valuable, and how they will ...




    Long-running APT campaign Operation Pawn Storm has begun the year with a bang, introducing new infrastructure and zeroing in on targets including North Atlantic Treaty Organization (NATO) members and even the White House. This is according to the latest intelligence gleaned from Trend Micro’s ongoing research into the attack group, and comes as a follow-up to our widely publicized October 2014 report. Operation Pawn Storm: A Background Operation Pawn Storm is an active economic and political cyber-espionage operation that targets a wide ...

    Posted in Malware, Targeted Attacks |


    Apr13
    7:13 pm (UTC-7)   |    by

    2014 was a year in which we saw further refinements in targeted attack methodologies. As more organizations upgraded to newer versions of Windows, we saw the increased use of 64-bit malware in several campaigns. Examples of 64-bit malware include HAVEX, a remote access Trojan (RAT) used in a campaign that targeted industrial control systems (ICS), and WIPALL, the notorious malware behind the Sony Pictures hack. The move to newer versions of Windows also led to the abuse of legitimate tools/features in attacks. An ...




    A malware that is being tied to the recent cyber attack in France is detected by Trend Micro as a variant of the NJWORM/Kjw0rm remote access Trojan (RAT). This malware (with the MD5 hash of 2962c44ce678d6ca1246f5ead67d115a), which we detect as VBS_KJWORM.SMA, is backdoor that may have been around since 2014. Ties to previous targeted attacks Our initial analysis showed that VBS_KJWORM.SMA was created by a hacking tool named Sec-wOrm 1.2 Fixed vBS Controller. This is a RAT generator that we detect as HKTL_KJWORM. It ...

    Posted in Targeted Attacks |



    The security of an enterprise is not only dependent on the organization itself, but also on the security of their IT supply chain and contractors. These represent potential weak points into the security of any organization. Third-party contractors and suppliers have been used to compromise larger organizations. Target's breach began with a breach of a contractor involved in heating, ventilation, and air conditioning (HVAC) solutions.  A 2011 hack on Lockheed Martin was blamed in part on information stolen from a hack on ...

    Posted in Targeted Attacks |


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice