Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Targeted Attacks’ Category




    Vulnerabilities, particularly zero-days, are often used by threat actors as the starting point for targeted attacks. This was certainly the case for a (then) zero-day vulnerability (CVE-2014-1761) affecting Microsoft Word. In its security advisory released last March, Microsoft itself acknowledged that the vulnerability was being used in “limited, targeted attacks.” Microsoft has since patched this vulnerability as part of its April Patch Tuesday. However, the existence of a patch has not deterred threat actors from exploiting this vulnerability. We are still ...




    The year so far has been a particularly stressful one for enterprise IT staff. Early in the year, concerns over data breaches and point of sale POS malware gave retailers something to worry about. The long-simmering headache of Windows XP migration came to a head when support for the venerable OS ended in April. That would normally have been the security headline of the month, but a vulnerability in OpenSSL known as Heartbleed reared its less than welcome head. All in all, then, IT ...

    Posted in Data, Targeted Attacks | Comments Off



    It is an interesting time to be in IT security today. PRISM and Edward Snowden taught many lessons about how companies should secure their data. There's been a lot of discussion about the surveillance aspect of this, but consider this whole affair from the side of the NSA. To the NSA, this was a data breach of unprecedented proportions. All indications are that Snowden was able to exfiltrate a significant amount of classified data; what has been published so far represents ...

    Posted in CTO Insights, Data, Targeted Attacks | Comments Off



    Microsoft has released a security bulletin announcing of a zero-day vulnerability affecting Microsoft Word. Furthermore, the company states that there are “limited, targeted attacks directed at Microsoft Word 2010.” If exploited, this vulnerability (CVE-2014-1761) could allow a remote attacker to execute commands remotely via specially crafted files and email messages. Microsoft has also released preliminary details of the vulnerability and the exploit code. The vulnerability is exploited if a user opens an RTF file in Microsoft Word or previews or opens ...




    Recently, a mass stabbing incident in Kunming, China left 29 victims dead. We came across an email which used this incident as social engineering bait. To appear legitimate, the message talks about the incident at length and cites several news outlets as its sources. It encourages the user to open the attached document for more information. The document is entitled “Violent terror attack,” probably named as such to pique the recipient’s interest. Figure 1. Spammed message The attached document is actually malicious, and ...

    Posted in Malware, Spam, Targeted Attacks | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice