• Trend Micro
  • About TrendLabs Security Intelligence Blog

Spencer Hsieh (Threat Researcher)

Threat Researcher

Staying Safe from Wirelurker: the Combined Mac/iOS Threat

  • Posted on: November 7, 2014
  • Posted in: Malware, Mobile
  • Posted by: Spencer Hsieh (Threat Researcher)

The newly discovered Wirelurker malware affecting both OS X and iOS devices has been covered extensively in the media. While this is a significant incident, some of the coverage appears to have been exaggerated, and might lead users to unnecessary panic. Several points would be useful in helping calm down the worst fears of users and distilling…

Tags: Apple, iOS, Mac, OS X, Wirelurker

Common Misconceptions IT Admins Have on Targeted Attacks

  • Posted on: July 16, 2014
  • Posted in: Targeted Attacks
  • Posted by: Spencer Hsieh (Threat Researcher)

In our efforts around addressing targeted attacks, we often work with IT administrators from different companies in dealing with threats against their network. During these collaborations, we’ve recognized certain misconceptions that IT administrators — or perhaps enterprises in general — have in terms of targeted attacks. I will cover some of them in this entry, and…

Tags: social engineering, targeted attacks, vulnerability, zero day, zero-day vulnerabilities

Careto and OS X Obfuscation

  • Posted on: March 10, 2014
  • Posted in: Malware
  • Posted by: Spencer Hsieh (Threat Researcher)

Last month, security researchers released a report about a targeted attack operation which they named Careto, or Mask in Spanish. The attack was noted for encoding its configuration data and encrypting its network traffic, making analysis more difficult. However, the capabilities of the Mac malware used in Careto were not as sophisticated as its Windows…

Tags: Careto, mac malware, Mac OS, Malware

ARP Spoofing and Lateral Movement

  • Posted on: September 27, 2013
  • Posted in: Malware, Targeted Attacks
  • Posted by: Spencer Hsieh (Threat Researcher)

In targeted attacks, during the lateral movement stage, attackers try to gain access to other computers on the same local area network (LAN). One useful tool to achieve this is ARP spoofing, which can be used to carry out a variety of attacks to steal information as well as plant backdoors on other machines. We…

Tags: APT, ARP spoofing, lateral movement, targeted attacks

Building Threat Intelligence to Detect APTs in Lateral Movement

  • Posted on: July 11, 2013
  • Posted in: Targeted Attacks
  • Posted by: Spencer Hsieh (Threat Researcher)

A later stage of advanced persistent threat (APT) attacks is the “lateral movement” stage, where attackers typically use legitimate computer features to move within the network undetected. This takes place after the initial breach and the establishment of command-and-control links back to the attacker. We earlier discussed the steps in an APT attack in the…

Tags: APT, information theft, intrusion, lateral movement, reconnaissance, Targeted Attack