Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    December 2014
    S M T W T F S
    « Nov    
     123456
    78910111213
    14151617181920
    21222324252627
    28293031  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Targeted Attacks’ Category




    Pawn Storm is an active economic and political cyber-espionage operation targeting a wide range of entities, mostly those related to the military, governments, and media. Specific targets include: Military agencies, embassies, and defense contractors in the US and its allies Opposition politicians and dissidents of the Russian government International media The national security department of a US ally The cyber criminals behind Operation Pawn Storm are using several different attack scenarios: spear-phishing emails with malicious Microsoft Office documents lead to SEDNIT/Sofacy malware, very selective exploits injected into legitimate websites that ...

    Posted in Malware, Targeted Attacks |



    Using cloud-based sharing sites is not a new routine for bad guys. Aside from providing free storage for their malicious files, these legitimate sites are used to evade security vendors and researchers. We have seen malware that have taken advantage of these sites, such as DropBox, Sendspace, and Evernote. We can now include Google Drive to the list of “abused” sites. We recently came across malware, detected as TSPY_DRIGO.A, that uses Google Drive as one way of siphoning information from its victims. Access ...

    Posted in Malware, Targeted Attacks | Comments Off



    Recent data breaches in big enterprises like large banks and retail chains make one thing clear: data privacy and protection is a concern for all organizations, not just large ones. If  large enterprises with plenty of available resources can be affected by attacks and lose their data, smaller organizations without these resources are at risk as well. Users are not just worried about whether their data is secure; today they are also worrying if their data will be used properly by the sites and ...

    Posted in Targeted Attacks | Comments Off



    On October 14th, a report was publicly released regarding the Sandworm team.  After beginning an investigation into the affiliated malware samples and domains, we quickly came to realization that this group is very likely targeting SCADA-centric victims who are using GE Intelligent Platform’s CIMPLICITY HMI solution suite.   We have observed this team utilizing .cim and .bcl files as attack vectors, both of which file types are used by the CIMPLICITY software.  As further proof of the malware targeting CIMPILICITY, it drops ...




    When it comes to targeted attacks, attackers are not omniscient. They need to gather information in the early stages to know the target they may gather information from various sources of intelligence, like Google, Whois, Twitter, and Facebook. They may gather data such as email addresses, IP ranges, and contact lists. These will then be used as lure for phishing emails, which inevitably result in gaining access in the targeted organization’s network. Once inside, the attackers will begin the lateral movement stage. In ...

    Posted in Targeted Attacks | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice