    TrendLabs Security Intelligence Blog

    Archive for the ‘Targeted Attacks’ Category




    We have been investigating the MIRAS malware family, which was recently linked to attacks that targeted a Europe-based IT company. Our analysis shows that MIRAS, or BKDR64_MIRAS.B, is a 64-bit malware that was used for the data exfiltration stage in a targeted attack. MIRAS is available for 32-bit (BKDR_MIRAS.B) and 64-bit (BKDR64_MIRAS.B) Windows operating systems.

    An analysis of BKDR64_MIRAS.B

    To serve as an overview for MIRAS, the backdoor’s capabilities mainly include file/system manipulation, which indicates that attackers know the victim's credentials. Apart from the backdoor's information-stealing routines, it appears ...

    Posted in Malware, Targeted Attacks



    Last month we released a paper on backdoor techniques which highlighted the importance of setting up your network properly to detect and block C&C communication. In this post, I will share some rules that IT administrators can proactively implement in order to set up "basic defense" for their network. I say basic here because these rules are not meant to cover all types of suspicious activity within the network -- just some that I think are more likely to be missed. Detect services that ...

    Posted in Targeted Attacks



    Home Depot has confirmed via their corporate website that their payment systems were breached. This followed reports last week, which suggested that Russian and Ukrainian cybercriminals had successfully breached the Atlanta-based retailer's PoS terminals. The statement offered full details, but suggested the breach affected users who shopped at their US and Canadian branches from April onwards. Home Depot's investigation began on September 2, which indicates a worst-case scenario of a breach of four to five months. It has been claimed that up the information ...

    Posted in Malware, Targeted Attacks



    Last July, the US Department of Homeland Security warned of a new kind of criminal attack: "Google dorking". This refers to asking Google for things they have found via special search operators. Let's look closely and see what this is. Google finds things online using a program that accesses web sites: the Google web crawler, called the Googlebot. When the Googlebot examines the web and finds "secret" data, it adds it to Google's database just like any other kind of information. If it's ...

    Posted in Targeted Attacks



    Being able to adapt to change is one of the most important abilities in security today, mostly because the attacks we defend against are able to do the same. The sophistication of current threats is mainly seen in their ability to adjust based on the weaknesses of the environment they are targeting. In this post, we will try to see networks the way attackers see them -- through their vulnerabilities -- and turn these around into guides for how IT administrators should protect their network. People are ...

    Posted in Targeted Attacks


     
