Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    October 2014
    S M T W T F S
    « Sep    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Targeted Attacks’ Category




    Monitoring network traffic is one of the means for IT administrators to determine if there is an ongoing targeted attack in the network.  Remote access tools or RATs, commonly seen in targeted attack campaigns, are employed to establish command-and-control (C&C) communications.  Although the network traffic of these RATs, such as Gh0st, PoisonIvy, Hupigon, and PlugX, among others, are well-known and can be detected, threat actors still effectively use these tools in targeted attacks. Last May we encountered a targeted attack that hit ...




    The use of contextually-relevant emails is one of the most common social engineering tactics employed in targeted attacks.  Emails still being the primary mode of business communications are often abused to deliver exploits to penetrate a network that consequently lead to other stages of a targeted attack cycle. In one of the targeted attacks we’re monitoring, threat actors used the news of a plane crash that killed the deputy prime minister of Laos.  The email message bore the subject line BREAKING: ...




    We recently wrote about the difference between cybercrime and a cyber war, which narrows down to the attack's intent. With the same intent of gaining information to use against targets, cybercriminals and attackers tend to stress less importance in their choice of "tools", as these campaigns are all about who carries out the attack. Ultimately, a simple equation can be drawn from these observations, in which a highly successful attack is composed of the attack's intent and the right tools. Our newest ...

    Posted in Malware, Targeted Attacks | Comments Off



    Targeted attacks are difficult to detect and mitigate by nature. We recently uncovered a targeted attack campaign we dubbed as “ANTIFULAI” that targets both government agencies and private industries in Japan. In our 2H 2013 Targeted Attack Trends report, we found that 80% of the analyzed cases of targeted attacks hit government institutions. Like many targeted attacks, ANTIFULAI uses several emails as entry vectors to get the attention of its would-be targets. In this particular case, the detected email posed as a job application inquiry ...




    The Windows PowerShell® command line is a valuable Windows administration tool designed especially for system administration. It combines the speed of the command line with the flexibility of a scripting language, making it helpful for IT professionals to automate administration of the Windows OS and its applications. Unfortunately, threat actors have recently taken advantage of this powerful scripting language yet again. A recent attack we found originated from an email that promoted a certain “medical examination report.” The email’s sender was ...



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice