Security Research Papers and Articles

Grounded in APT Facts

How much do you know about targeted attacks? View this infographic.

2Q Report on Targeted Attack Campaigns

This quarterly report presents the targeted attack campaigns observed and mitigated by Trend Micro based on reported customer cases, as well as our own independently gathered data.


Network Detection Evasion Methods: Blending with Legitimate Traffic

Cybercriminals always look for alternative techniques to improve their attacks’ success rate. Targeted and run-of-the-mill cyber attackers alike have been continuously modifying and enhancing their tactics, techniques, and procedures to stay under the radar for as long as they can.

Read Network Detection Evasion Methods


Suggestions to Help Companies with the Fight Against Targeted Attacks


The SCADA That Didn’t Cry Wolf: Who’s Really Attacking Your ICS Equipment? (Part 2)


Targeted Attacks Detection with SPuNge


Safe: A Targeted Threat


Malicious Network Communications: What Are You Overlooking?


FAKEM RAT: Malware Disguised as Windows Messenger and Yahoo! Messenger


The HeartBeat APT Campaign


Spear-Phishing Email: Most Favored APT Attack Bait


Detecting APT Activity with Network Traffic Analysis


How to Thwart the Digital Insider – An Advanced Persistent Response to Targeted Attacks


How Tough Is It to Deal With APTs?


IXESHE: An APT Campaign


Luckycat Redux: Inside an APT Campaign with Multiple Targets in India and Japan

12 Most Abused Android App Permissions

Cybercriminals can exploit Android app permissions for their personal gain. Find out the most commonly requested permissions and how they’re abused in our latest TrendLabs Security Gallery.

Mobile Malware: 10 Terrible Years


We’ve seen 10 years of mobile malware mayhem. It’s about time we take a look at what may await us in the next 10.

Read the Mobile Monthly Report


Fake Apps, Russia, and the Mobile Web: Making the SMS Fraud Connection

News of an SMS fraud service affecting many countries first broke out in Russia in 2010. It has since put users at risk through popular online activities like social networking and downloading content.

Read Fake Apps, Russia, and the Mobile Web


Adding Android and Mac OS X Malware to the APT Toolbox


Eco and Ego Apps in Japan


Android Malware Acts as an SMS Relay

How Attacks Adapt

As with technology and popular means of communication, cybercriminal attacks and schemes continue to evolve over the years. Find out more…

Online Security for You and Your Family

Everyone's online, but not everyone's secure. It's up to you to make sure that your family is. Learn about online threats and how you can protect your family from these threats here.


Cybercriminal Underground Economy Series

The Mobile Cybercriminal Underground Market in China

The mobile Web is significantly changing the world. More and more people are replacing their PCs with various mobile devices for both work and entertainment. This change in consumer behavior is affecting the cybercriminal underground economy, causing a so-called “mobile underground” to emerge.

This research paper provides a brief overview of some basic underground activities in the mobile space in China. It describes some of the available mobile underground products and services with their respective prices. Note that the products and services and related information featured in this paper were obtained from various sites and QQ chats.

Read the paper


Point-of-Sale System Breaches: Threats to the Retail and Hospitality Industries


From Russia with Love: Behind the Trend Micro-NBC News Honeypots


CPL Malware: Malicious Control Panel Items


"Ice 419": Cybercriminals from Nigeria Use Ice IX and the 419 Scam


Bitcoin Domains


Beyond Online Gaming Cybercrime: Revisiting the Chinese Underground Market


The Apollo Campaign: A Gateway to Eastern European Banks


Deepweb and Cybercrime: It’s Not All About TOR


Concerns Regarding Flaws in the New DKIM Standard


Brazil: Cybersecurity Challenges Faced by a Fast-Growing Market Economy


Email Correlation and Phishing: How Big Data Analytics Identifies Malicious Messages


Stealrat: An In-Depth Look at an Emerging Spambot


Windows 8 and Windows RT: New Beginnings


Latin American and Caribbean Cybersecurity Trends and Government Responses /

Tendencias en la seguridad cibernética en América Latina y el Caribe y respuestas de los gobiernos


SCADA in the Cloud: A Security Conundrum?


Africa: A New Safe Harbor for Cybercriminals?


Who's Really Attacking Your ICS Equipment?


Asprox Reborn


Home Automation and Cybercrime


Peter the Great vs Sun Tzu


The Crimeware Evolution


W32.Tinba (Tinybanker): The Turkish Incident


The Taidoor Campaign: An In-Depth Analysis


Continuous Monitoring in a Virtual Environment


Blackhole Exploit Kit: A Spam Campaign, Not a Series of Individual Spam Runs—An In-Depth Analysis


Russian Underground 101


Operation Ghost Click: The Rove Digital Takedown


Automating Online Banking Fraud—Automatic Transfer System: The Latest Cybercrime Toolkit Feature


The Police Trojan: An In-Depth Analysis


Traffic Direction Systems as Malware Distribution Tools


Toward a More Secure Posture for Industrial Control System Networks
