• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   APT

Pawn Storm Targets MH17 Investigation Team
  • Posted on:October 22, 2015 at 11:59 am
  • Posted in:Targeted Attacks
  • Author:
    Feike Hacquebord (Senior Threat Researcher)
0

Pawn Storm has a long history of targeting government agencies and private organizations to steal sensitive information. Our most recent findings show that they targeted the international investigation team of the MH17 plane crash from different sides.

The Dutch Safety Board (known as Onderzoeksraad) became a target of the cyber-espionage group before and after the safety board published their detailed report on the MH17 incident on October 13, 2015. We believe that a coordinated attack from several sides was launched to get unauthorized access to sensitive material of the investigation conducted by Dutch, Malaysian, Australian, Belgian, and Ukrainian authorities.

Read More
Tags: APTmh17Pawn StormSyriaTargeted Attack

Latest Flash Exploit Used in Pawn Storm Circumvents Mitigation Techniques
  • Posted on:October 16, 2015 at 8:36 am
  • Posted in:Exploits, Targeted Attacks, Vulnerabilities
  • Author:
    Peter Pi (Threats Analyst)
2

Our analysis of the Adobe Flash zero-day vulnerability used in the latest Pawn Storm campaign reveals that the previous mitigation techniques introduced by Adobe were not enough to secure the platform. Used in Pawn Storm to target certain foreign affairs ministries, the vulnerability identified as CVE-2015-7645 represents a significant change in tactics from previous exploits. It is…

Read More
Tags: 0dayAdobeAPTExploitFlashPawn StormTargeted Attackvulnerability

Targeted Attacks versus APTs: What’s The Difference?
  • Posted on:September 14, 2015 at 9:59 am
  • Posted in:Targeted Attacks
  • Author:Raimund Genes (Chief Technology Officer)
3

A few weeks ago I appeared on the RedZone podcast hosted by Bill Murphy, where I talked about (among other topics) the differences between targeted attacks and what our competitors called Advanced Persistent Threats (APTs). This is a topic that I’ve frequently talked about in the past, and I get asked about it a lot in…

Read More
Tags: advanced persistent threatsAPTtargeted attacks

Shadow Force Uses DLL Hijacking, Targets South Korean Company
  • Posted on:September 9, 2015 at 1:00 am
  • Posted in:Malware, Targeted Attacks
  • Author:
    Dove Chiu (Threat Researcher)
0

What sort of interest would a businessman have in a news agency? That was the question that arose from our recent investigation on an attack that appears to target a media agency in South Korea. Shadow Force is a new backdoor that replaces a DLL called by a particular Windows service.  Once that backdoor is open, the attacker…

Read More
Tags: APTbackdoorshadow forceSouth Korea

The State of the ESILE/Lotus Blossom Campaign
  • Posted on:June 26, 2015 at 12:01 pm
  • Posted in:Targeted Attacks
  • Author:
    MingYen Hsieh (Threat Researcher)
2

The Esile targeted attack campaign targeting various countries in the Southeast Asian region has been discussed in the media recently. This campaign – which was referred to by other researchers as Lotus Blossom – is believed to be the work of a nation-state actor due to the nature of the stolen information, which is more valuable to countries than either…

Read More
Tags: APTeliseesilelotus blossomTargeted Attack
Page 1 of 1112 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
  • Malware Targeting Brazil Uses Legitimate Windows Components WMI and CertUtil as Part of its Routine
  • SettingContent-ms can be Abused to Drop Complex DeepLink and Icon-based Payload
  • Perl-Based Shellbot Looks to Target Organizations via C&C
  • Spam Campaign Abusing SettingContent-ms Found Dropping Same FlawedAmmyy RAT Distributed by Necurs

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.