The recent zero-day exploit targeting a use-after-free vulnerability in Internet Explorer highlights one thing: how important it is to use the least-privilege principle in assigning user profiles. Imagine if most user accounts are configured to have administrator rights or root access on their endpoint. (This is surprisingly frequent with older OSes, like Windows XP.) A simple…
Ma. Christina Cruz
Technical Communications
Data exfiltration is the unauthorized transfer of sensitive information from a target’s network to a location which a threat actor controls. Because data routinely moves in and out of networked enterprises, data exfiltration can closely resemble normal network traffic, making detection of exfiltration attempts challenging for IT security groups. Figure 1. Targeted Attack Campaign Diagram…
Advanced persistent threats and targeted attacks often use socially engineered email as their point of entry into a target network.* Considering the volume of email traffic that an average business user sends (41) and receives (100) in a single working day and the relative ease with which socially engineered emails are crafted and sent, enterprises…
Do standard security solutions work against advanced persistent threats (APTs)? Are APTs crafted to extract specific files from an organization? Are data breaches caused by APTs? IT groups today face the challenge of protecting/shielding their networks against APTs—computer intrusions by threat actors that aggressively pursue and compromise targets. To help organizations formulate strategies against APTs,…
We regularly blog about how cybercriminals misuse newsworthy events in order to gain profit for themselves. In the past 24 hours, TrendLabsSM has tracked multiple FAKEAV attacks that try and trick users searching for help following the recent McAfee update 5958 incident. This determination by cybercriminals to cause further problems and inconvenience to innocent end users and businesses…