• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   APT

Pawn Storm Targets MH17 Investigation Team
  • Posted on:October 22, 2015 at 11:59 am
  • Posted in:Targeted Attacks
  • Author:
    Feike Hacquebord (Senior Threat Researcher)
0

Pawn Storm has a long history of targeting government agencies and private organizations to steal sensitive information. Our most recent findings show that they targeted the international investigation team of the MH17 plane crash from different sides.

The Dutch Safety Board (known as Onderzoeksraad) became a target of the cyber-espionage group before and after the safety board published their detailed report on the MH17 incident on October 13, 2015. We believe that a coordinated attack from several sides was launched to get unauthorized access to sensitive material of the investigation conducted by Dutch, Malaysian, Australian, Belgian, and Ukrainian authorities.

Read More
Tags: APTmh17Pawn StormSyriaTargeted Attack

Latest Flash Exploit Used in Pawn Storm Circumvents Mitigation Techniques
  • Posted on:October 16, 2015 at 8:36 am
  • Posted in:Exploits, Targeted Attacks, Vulnerabilities
  • Author:
    Peter Pi (Threats Analyst)
2

Our analysis of the Adobe Flash zero-day vulnerability used in the latest Pawn Storm campaign reveals that the previous mitigation techniques introduced by Adobe were not enough to secure the platform. Used in Pawn Storm to target certain foreign affairs ministries, the vulnerability identified as CVE-2015-7645 represents a significant change in tactics from previous exploits. It is…

Read More
Tags: 0dayAdobeAPTExploitFlashPawn StormTargeted Attackvulnerability

Targeted Attacks versus APTs: What’s The Difference?
  • Posted on:September 14, 2015 at 9:59 am
  • Posted in:Targeted Attacks
  • Author:Raimund Genes (Chief Technology Officer)
3

A few weeks ago I appeared on the RedZone podcast hosted by Bill Murphy, where I talked about (among other topics) the differences between targeted attacks and what our competitors called Advanced Persistent Threats (APTs). This is a topic that I’ve frequently talked about in the past, and I get asked about it a lot in…

Read More
Tags: advanced persistent threatsAPTtargeted attacks

Shadow Force Uses DLL Hijacking, Targets South Korean Company
  • Posted on:September 9, 2015 at 1:00 am
  • Posted in:Malware, Targeted Attacks
  • Author:
    Dove Chiu (Threat Researcher)
0

What sort of interest would a businessman have in a news agency? That was the question that arose from our recent investigation on an attack that appears to target a media agency in South Korea. Shadow Force is a new backdoor that replaces a DLL called by a particular Windows service.  Once that backdoor is open, the attacker…

Read More
Tags: APTbackdoorshadow forceSouth Korea

The State of the ESILE/Lotus Blossom Campaign
  • Posted on:June 26, 2015 at 12:01 pm
  • Posted in:Targeted Attacks
  • Author:
    MingYen Hsieh (Threat Researcher)
2

The Esile targeted attack campaign targeting various countries in the Southeast Asian region has been discussed in the media recently. This campaign – which was referred to by other researchers as Lotus Blossom – is believed to be the work of a nation-state actor due to the nature of the stolen information, which is more valuable to countries than either…

Read More
Tags: APTeliseesilelotus blossomTargeted Attack
Page 1 of 1112 › »

Business Email Compromise

  • How can a sophisticated email scam cause more than $2.3 billion in damages to businesses around the world?
    See the numbers behind BEC

Deep Web

  • Trend Micro researchers have been taking deep dives into cybercriminal territory for years now. Find out more about the inner workings of the Deep Web and underground markets.

Latest Ransomware Posts

  • From RAR to JavaScript: Ransomware Figures in the Fluctuations of Email Attachments
  • A Show of (Brute) Force: Crysis Ransomware Found Targeting Australian and New Zealand Businesses
  • BkSoD by Ransomware: HDDCryptor Uses Commercial Tools to Encrypt Network Shares and Lock HDDs
  • Picture Perfect: CryLocker Ransomware Uploads User Information as PNG Files
  • Network Solutions to Ransomware – Stopping and Containing Its Spread

Ransomware 101

  • This infographic shows how ransomware has evolved, how big the problem has become, and ways to avoid being a ransomware victim.
    Check the infographic

Popular Posts

  • Pokémon-themed Umbreon Linux Rootkit Hits x86, ARM Systems
  • New Version of Cerber Ransomware Distributed via Malvertising
  • Locky Ransomware Now Downloaded as Encrypted DLLs
  • CVE-2016-6662 Advisory: Recent MySQL Code Execution/Privilege Escalation Zero-Day Vulnerability
  • BkSoD by Ransomware: HDDCryptor Uses Commercial Tools to Encrypt Network Shares and Lock HDDs

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.