Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    May 2015
    S M T W T F S
    « Apr    
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  
  • Email Subscription

  • About Us


    Archive for the ‘Targeted Attacks’ Category




    Today, we are publishing a research paper on an ongoing operation launched by a threat actor group known as Rocket Kitten. Rocket Kitten Campaigns We have been able to observe two different campaigns launched by the group, one after the other, which reveal an evolution in the skills of this group. The first of these campaigns has already been exposed at 31C3 by Tillman Werner and Gadi Evron. That campaign started with traditional spear phishing e-mails that use basic social engineering techniques to entice the targeted ...

    Posted in Targeted Attacks |



    Throughout course of my monitoring future and possible targeted attacks, I recently chanced upon a spear-phishing email sent to an undisclosed recipient that contains three seemingly harmless documents. I was curious about the attached documents so I first checked the one titled AlSajana Youth Center financial Report.docx. The so-called financial report turned out to be a non-malicious document (see Figure 1) but the other two attached files struck me as suspicious as well. Their file names were u0627u0644u0645u0639u062Fu064429u0.docx and u0625u0646u062Cu0644u064Au0632u0649.doc. Figure 1. Sample ...




    Information about the overall threat landscape can be gathered from many sources. One useful method is by looking at the overall activity of command-and-control (C&C) servers, as used in botnets, targeted attacks, and in attacks against the broader Internet user base. We are able to combine various threat intelligence sources, including feedback from the Trend Micro™ Smart Protection Network™, to get a glimpse of C&C server activity. (these are displayed in real time on the Global Botnet Map). Our findings below reflect the information ...

    Posted in Targeted Attacks |



    Last week, we released a research paper titled “Operation Arid Viper: Bypassing the Iron Dome” where we detailed two related campaigns. To recall, here are our key findings related to the two campaigns: Palestinian threat actors have staged a targeted attack, Operation Arid Viper, to exfiltrate data from high-profile targets in the Israeli government and have been doing so since mid-2013. The attacks are still on-going, coinciding with the political tension between Israel and Palestinians. Investigation of the Germany-hosted server used in Arid ...

    Posted in Targeted Attacks |



    2014 was a year where cybercriminal attacks crippled both likely and unlikely targets. A year rife with destructive attacks, 2014 proved to be a difficult one for individuals and companies who were victimized by these threats. Massive data breach disclosures came one after another in 2014 in much more rapid succession than past years. The Sony Pictures breach in December, along with the other big breaches of the year illustrated the wide spectrum of losses that can hit a company that ...



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice