Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2014
    S M T W T F S
    « Oct    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Targeted Attacks’ Category




    In our recently released report, Operation Pawn Storm, we talked about an operation that involved three attack scenarios. For this post, we will talk about the third scenario: phishing emails that redirect victims to fake Outlook Web Access login pages. What's most notable about this is that it is simple, effective, and can be easily replicated. Through one line of simple Javascript code, the millions of Outlook Web Access (OWA) users are placed at risk of becoming a victim of a clever but simple ...




    Despite the availability of fixes related to the Sandworm vulnerability (CVE-2014-4114), we are still seeing new attacks related to this flaw. These attacks contain a new routine that could prevent detection. A New Evasion Technique In our analysis of the vulnerability, we noted this detail: “…[T]he vulnerability exists in PACKAGER.DLL, which is a part of Windows Object Linking and Embedding (OLE) property. By using a crafted PowerPoint document, an .INF file in embedded OLE object can be copied from a remote SMB share ...




    Pawn Storm is an active economic and political cyber-espionage operation targeting a wide range of entities, mostly those related to the military, governments, and media. Specific targets include: Military agencies, embassies, and defense contractors in the US and its allies Opposition politicians and dissidents of the Russian government International media The national security department of a US ally The cyber criminals behind Operation Pawn Storm are using several different attack scenarios: spear-phishing emails with malicious Microsoft Office documents lead to SEDNIT/Sofacy malware, very selective exploits injected into legitimate websites that ...

    Posted in Malware, Targeted Attacks |



    Using cloud-based sharing sites is not a new routine for bad guys. Aside from providing free storage for their malicious files, these legitimate sites are used to evade security vendors and researchers. We have seen malware that have taken advantage of these sites, such as DropBox, Sendspace, and Evernote. We can now include Google Drive to the list of “abused” sites. We recently came across malware, detected as TSPY_DRIGO.A, that uses Google Drive as one way of siphoning information from its victims. Access ...

    Posted in Malware, Targeted Attacks |



    Recent data breaches in big enterprises like large banks and retail chains make one thing clear: data privacy and protection is a concern for all organizations, not just large ones. If  large enterprises with plenty of available resources can be affected by attacks and lose their data, smaller organizations without these resources are at risk as well. Users are not just worried about whether their data is secure; today they are also worrying if their data will be used properly by the sites and ...

    Posted in Targeted Attacks |


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice