Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    June 2015
    S M T W T F S
    « May    
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • Email Subscription

  • About Us


    Archive for the ‘Targeted Attacks’ Category




    If you've read enough crime novels or seen enough action movies, the plot is all too familiar to you: an insider - acting to correct some slight or insult he or she received years ago - turns against an organization and inflicts significant damage. Sometimes the insider is on the side of the good guys, sometimes on the bad guys. This makes perfect sense. An insider knows exactly how an organization does things, what they consider valuable, and how they will ...




    Long-running APT campaign Operation Pawn Storm has begun the year with a bang, introducing new infrastructure and zeroing in on targets including North Atlantic Treaty Organization (NATO) members and even the White House. This is according to the latest intelligence gleaned from Trend Micro’s ongoing research into the attack group, and comes as a follow-up to our widely publicized October 2014 report. Operation Pawn Storm: A Background Operation Pawn Storm is an active economic and political cyber-espionage operation that targets a wide ...



    Apr13
    7:13 pm (UTC-7)   |    by

    2014 was a year in which we saw further refinements in targeted attack methodologies. As more organizations upgraded to newer versions of Windows, we saw the increased use of 64-bit malware in several campaigns. Examples of 64-bit malware include HAVEX, a remote access Trojan (RAT) used in a campaign that targeted industrial control systems (ICS), and WIPALL, the notorious malware behind the Sony Pictures hack. The move to newer versions of Windows also led to the abuse of legitimate tools/features in attacks. An ...




    A malware that is being tied to the recent cyber attack in France is detected by Trend Micro as a variant of the NJWORM/Kjw0rm remote access Trojan (RAT). This malware (with the MD5 hash of 2962c44ce678d6ca1246f5ead67d115a), which we detect as VBS_KJWORM.SMA, is backdoor that may have been around since 2014. Ties to previous targeted attacks Our initial analysis showed that VBS_KJWORM.SMA was created by a hacking tool named Sec-wOrm 1.2 Fixed vBS Controller. This is a RAT generator that we detect as HKTL_KJWORM. It ...

    Posted in Targeted Attacks |



    The security of an enterprise is not only dependent on the organization itself, but also on the security of their IT supply chain and contractors. These represent potential weak points into the security of any organization. Third-party contractors and suppliers have been used to compromise larger organizations. Target's breach began with a breach of a contractor involved in heating, ventilation, and air conditioning (HVAC) solutions.  A 2011 hack on Lockheed Martin was blamed in part on information stolen from a hack on ...

    Posted in Targeted Attacks | Comments Off on Securing The IT Supply Chain


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice