TrendLabs - Malware Blog
Post from: Trendlabs Security Intelligence Blog - by Trend Micro

2014 Predictions: Blurring Boundaries
The past year has been an interesting one in the world of cyber security. Mobile malware has become a large-scale threat, government surveillance has users asking “does privacy still exist?”, cybercrime continues to steal money from individuals and businesses, and new targets for hackers like AIS and SCADA have been identified. 2013 was many things, […]

Planning for 2014: A Guide To Targeted Attack Defense
By now, most IT administrators are aware that their networks and systems may require defenses against targeted attacks carried out by well-equipped, knowledgeable attackers. As companies prepare their plans for the upcoming year, some may ask: how does one develop a strategy on how to help defend against these attacks? Earlier today, Japan’s Information Technology […]

How Threats Disguise Their Network Traffic
Threats have evolved to try and circumvent advances in analysis and detection. Every improvement by security vendors is met with a response from cybercriminals. Stuxnet, for example, paved the way for other threat families to use the LNK vulnerability. Conficker/DOWNAD popularized the use of a domain generation algorithm (DGA). This is now used by other malware […]

Wi-Fi On The Go: How Safe Is It?
Around this time of the year, many people are finding themselves on the move visiting friends and family, or just playing tourist somewhere in the world. Since it is 2013, however, one new problem has come up: “how do I get online while I’m on the go?” Many travelers now expect wi-fi as part of […]

VBS Malware Spreading in Latin America
During the past few months, we’ve been observing increases in the number of systems infected by VBS malware, specifically VBS_SOSYOS, VBS_JENXCUS and VBS_DUNIHI. Most of these systems were found in Latin America, a region targeted by the Banker/Bancos Trojan.
[Figure 1. VBS malware activity for the past months in Latin America region (LAR)]
These VBScript […]

Windows XP/Server 2003 Zero-Day Payload Uses Multiple Anti-Analysis Techniques
Several days ago, Microsoft released a security advisory disclosing a new zero-day vulnerability in older versions of Windows. It was reported that it was being abused by a malicious PDF file (TROJ_PIDIEF.GUD) to deliver a backdoor (BKDR_TAVDIG.GUD) onto affected systems in “limited, targeted attacks.” We independently obtained samples of the backdoor, which is the final […]

JPEG Files Used For Targeted Attack Malware
We recently came across some malware of the SOGOMOT and MIRYAGO families that update themselves in an unusual way: they download JPEG files that contain encrypted configuration files/binaries. Not only that, we believe that this activity has been ongoing since at least the middle of 2010. A notable detail of the malware we came across […]

Exploit Targeting Windows Zero-Day Vulnerability Spotted
Trend Micro came across samples of an exploit targeting the recently announced zero-day vulnerability affecting Windows XP and Server 2003. This is an elevation of privilege vulnerability, which may allow a threat actor to gain certain privileges that enable him to do varied activities, including deleting or viewing data, installing programs, or creating accounts with […]

EvilGrab’s Evil, Still Propagating
Recently, Trend Micro published findings on a new campaign called EvilGrab that typically targets victims in Japan and China. This campaign is still attacking users, and we have now acquired a builder being used to create binaries of this campaign.
EvilGrab Builder In The Wild
What led us to the builder for EvilGrab was a binary […]

The Season For Danger: Holiday Season Spam And Phishing
For many, the holiday season is a season for shopping and spending. But cybercriminals see it in a different light: they see it as a prime opportunity to steal. Take, for example, online shopping. Malicious websites try to trick online shoppers into giving them their money instead of the legitimate shopping websites. These sites are often made to […]
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team.
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved poring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.