• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Author / Trend Micro Forward-Looking Threat Research Team

FTR

Stolen Data from Chinese Hotel Chain and Other Illicit Products Sold in Deep Web Forum
  • Posted on:September 7, 2018
  • Posted in:Deep Web
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

We uncovered personally identifiable information (PII) stolen from a China-based hotel chain being sold on a deep web forum we were monitoring. Further analysis revealed that the stolen data was not only the PII of Chinese customers, but also included the hotel chain’s customers from Western and East Asian countries. The sample data we saw was unencrypted (in plaintext), some of which were in CSV, SQL, and TXT dumps.

We believe this stolen data is related to the data breach (reported on August 29) that exposed up to 130 million PII. The news that reported the data breach matched with an advertisement we saw in the dark web selling the stolen data for eight bitcoins (equivalent to more than US$58,000 as of September 5, 2018).

Read More
Tags: cybercriminal undergroundDeep Web

How Machine Learning Can Help Identify Web Defacement Campaigns
  • Posted on:August 9, 2018
  • Posted in:Machine Learning
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

Website defacement — the act of visibly altering the pages of a website, notably in the aftermath of a political event to advance the political agenda of a threat actor— has been explored in our various research works. We broke down top defacement campaigns in a previous paper and, in another post, emphasized how machine learning in our security research tool can help Computer Emergency Readiness Teams (CERTs)/Computer Security Incident Response Teams (CSIRTs) and web administrators prepare for such attacks. The latter took off from the analysis done in our most recent paper, Web Defacement Campaigns Uncovered: Gaining Insights From Deface Pages Using DefPloreX-NG. Here we expound on why machine learning (ML) was an ideal method for our analysis to better understand how web defacers operate and organize themselves.

Read More
Tags: DefPloreX-NGweb defacement

Attack Vectors in Orbit: The Need for IoT and Satellite Security in the Age of 5G
  • Posted on:June 11, 2018
  • Posted in:Internet of Things
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

Already a vital part of the critical infrastructure of the internet, satellites are set to take on a more significant role with the emergence of 5G cellular network technology and the continuing expansion of the internet of things (IoT). While terrestrial networks handle peak load well, disaster handling and critical infrastructure scenarios are served well by satellites, which are unaffected by most ground-based events. Ensuring the security of satellites, therefore, acquires even greater importance and warrants more initiatives to that end.

Read More
Tags: 5giiotindustrial internet of thingsinternet of thingssatellites

Using Insights From DefPloreX-NG to Thwart Web Defacement Attacks
  • Posted on:June 7, 2018
  • Posted in:Bad Sites, Machine Learning
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

The ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS) is an avenue for cybersecurity research breakthroughs, techniques, and tools. At the ACM ASIACCS 2018 in Incheon, South Korea, we presented our research using DefPloreX-NG, a tool for identifying and tracking web defacement campaigns using historical and live data. “DefPloreX-NG” is a play on the phrase “defacement explorer.” The appended “NG” acronym means “Next Generation,” signifying improvements from the previous version of the tool. DefPloreX-NG is equipped with an enhanced machine learning algorithm and new visualization templates to give security analysts and other professionals a better understanding of web defacement campaigns.

Read More
Tags: CERTsDefPloreX-NGmachine learningweb defacement

Emerging 5G Technology Could Compromise SIM Card-Dependent IoT Devices on Massive Scale
  • Posted on:May 31, 2018
  • Posted in:Internet of Things, Mobile
  • Posted by:
    Trend Micro Forward-Looking Threat Research Team
0

Already, current cellular network technologies such as 3G and 4G allow fast wireless communication. But the next evolution, 5G, is set to afford even faster connections along with greater reliability. Touted as the next generation of mobile internet connectivity, 5G will offer speeds of the order of several gigabits per second (Gbps), with average download rates expected to be about 1 Gbps. While its improvements over previous generations will doubtless be most apparent in smartphones and other widely used internet-enabled mobile devices, 5G is also likely to benefit the internet of things (IoT) since it can very well provide the infrastructure the IoT needs to carry and transfer massive amounts of data.

Read More
Tags: 5giot sim cardssim cards
Page 1 of 812 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
  • Malware Targeting Brazil Uses Legitimate Windows Components WMI and CertUtil as Part of its Routine
  • Perl-Based Shellbot Looks to Target Organizations via C&C
  • SettingContent-ms can be Abused to Drop Complex DeepLink and Icon-based Payload
  • Spam Campaign Abusing SettingContent-ms Found Dropping Same FlawedAmmyy RAT Distributed by Necurs

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.