Trend Micro | TrendLabs Security Intelligence Blog

Maxim Goncharov

Senior Threat Researcher

The Russian Underground—Revamped

  • Posted on: July 28, 2015
  • Posted in: Deep Web, Malware
  • Posted by: Maxim Goncharov (Senior Threat Researcher)

When big breaches happen and hundreds of millions of credit card numbers and SSNs get stolen, they resurface in other places. The underground now offers a vast landscape of shops, where criminals can buy credit cards and other things at irresistible prices.

Million dollar breaches

News and media coverage on significant breaches are increasingly shaping…

Tags: CUES, cybercriminal economy, Russian underground

Operation Shrouded Horizon: Darkode and its Ties to Bulletproof Hosting Services

  • Posted on: July 20, 2015
  • Posted in: Bad Sites
  • Posted by: Maxim Goncharov (Senior Threat Researcher)

One of the challenges in fighting cybercrime is that it is borderless; cybercriminals can conduct their malicious activities in countries that do not have strict implementation of cybercrime laws. However, no matter how difficult and perilous the task of arresting attackers and taking down cybercriminal operations is, it can be achieved through collaboration between security researchers…

Tags: BPHS, bulletproof hosting services, cybercrime, darkode

Hideouts for Lease: The Silent Role of Bulletproof Hosting Services in Cybercriminal Operations

  • Posted on: July 15, 2015
  • Posted in: Bad Sites
  • Posted by: Maxim Goncharov (Senior Threat Researcher)

What do LeaseWeb, Galkahost, and Spamz have in common? All of them, at one point or another, have functioned as cybercriminal hideouts in the form of bulletproof hosting services (BPHS). Simply put, BPHS is any “hosting facility that can store any type of malicious content like phishing sites, pornography, and command-and-control (C&C) infrastructure.” If I…

Tags: BPHS, bulletproof hosting, cybercrime

Joke or Blunder: Carbanak C&C Leads to Russia Federal Security Service

  • Posted on: May 22, 2015
  • Posted in: Targeted Attacks
  • Posted by: Maxim Goncharov (Senior Threat Researcher)

In an interesting turn of events, a C&C used in the Carbanak targeted attack campaign now resolves to an IP linked to the Russian Federal Security Service (FSB). Yesterday, while checking the indicator of compromise (IOC) data from the Carbanak report, I noticed that the domain name systemsvc.net (which was identified as a C&C server in the report) now…

Tags: carbanak, russian federal security service

Number of Sites Vulnerable to Heartbleed Plunges by Two-Thirds

  • Posted on: April 24, 2014
  • Posted in: Vulnerabilities
  • Posted by: Maxim Goncharov (Senior Threat Researcher)

Two weeks ago, we talked about how many sites in the top 1 million domains (as judged by Alexa) were vulnerable to the Heartbleed SSL vulnerability. How do things stand today?

Figure 1. Sites vulnerable to Heartbleed as of April 22

Globally, the percentage of sites that is vulnerable to Heartbleed has fallen by two-thirds,…

Tags: Heartbeat extension, Heartbleed, OpenSSL, vulnerability