Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    April 2014
    S M T W T F S
    « Mar    
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Targeted Attacks’ Category




    Data exfiltration is the unauthorized transfer of sensitive information from a target’s network to a location which a threat actor controls. Because data routinely moves in and out of networked enterprises, data exfiltration can closely resemble normal network traffic, making detection of exfiltration attempts challenging for IT security groups. Figure 1. Targeted Attack Campaign Diagram Related Costs of Exfiltrated Data The costs of cyber-espionage to a target organization is only clear after the fact. Risk calculators typically consider the up-front expenses of breach ...

    Posted in Data, Targeted Attacks | Comments Off



    There are various reasons why targeted attacks can happen to almost any company. One of the biggest reasons is theft of a company’s proprietary information. There are many types of confidential data that could be valuable. Intellectual property is often the first thing that comes to mind. There are also other, less obvious items of value that can be acquired: for example financial information, employee and customer personal information, information related to pending sales, financial deals, and legal actions. However, ...

    Posted in Targeted Attacks | Comments Off



    Recently, we spotted a new malware family that was being used in targeted attacks - the EvilGrab malware family. It is called EvilGrab due to its behavior of grabbing audio, video, and screenshots from affected machines. We detect EvilGrab under the following malware families: BKDR_HGDER BKDR_EVILOGE BKDR_NVICM Looking into the feedback provided by the Smart Protection Network, EvilGrab is most prevalent in the Asia-Pacific region, with governments being the dominant sector targeted. These are consistent with known trends in targeted attacks. The full report on ...

    Posted in Malware, Targeted Attacks | Comments Off



    A week after September's Patch Tuesday, Microsoft rushed a "Fix It" workaround tool to address a new zero-day Internet Explorer vulnerability (CVE-2013-3893), which is reportedly being actively exploited in certain targeted attacks. As Microsoft advised, the said exploit is targeting a Use After Free Vulnerability in IE’s HTML rendering engine (mshtml.dll). While current exploits are implemented entirely in JavaScript, an attacker can choose to use other methods like Java, Flash, VBScript, etc. as well.  For more technical information about the vulnerability, one ...

    Posted in Exploits, Targeted Attacks | Comments Off



    The upcoming G20 Summit in St. Petersburg, Russia might have already spewed several messages aimed at both common users and specific groups. A recent email we saw is only the latest in these threats. The said message is purportedly from the event's planning team and refers to a "pre-summit meeting": Figure 1. Spammed message The email arrives with a RAR attachment containing three files: one LNK file and two other binary files. Based on our analysis, the binary files are actually one file ...



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice