Cyber Attacks

ICS environments share a common fate —- they are not “traditional” IT network environments and should not be treated as such.

The term targeted attack has become a buzz term in the security industry; its growing popularity, caused by a steady stream of reported incidents. But do people really know every step involved in a well-planned targeted attack campaign?

The IXESHE attackers are notable for their use of compromised machines within a target’s internal network as C&C servers. While the malware used in the attacks were not very complicated by nature, these proved very effective. This campaign remains an activ

The Taidoor campaign primarily targeted government organizations located in Taiwan. Trend Micro Research was able to develop indicators of compromise useful in determining if an attack is underway in an enterprise.

Their use of social engineering, vulnerability exploits, a specialized malware not only make targeted attack campaigns high-priority threats, they also make them difficult to defend against. To mitigate such threats, a custom defense strategy is required.

The U.S. government held a mock cyberattack against a fictitious chemical company as part of the Department of Homeland Security's efforts to help private-sector companies prepare for and deal with cybersecurity issues.

The threat actors behind “Lurid Downloader” launched 301 malware campaigns that targeted entities in specific countries or geographic regions and added a means to track the success of each one.

Due to operational "optimization", the SCADA threat landscape now begins to look a lot like the network security landscape that we all know and respect — one of constant vigilance and constant defensive threat posture.

Why SCADA systems should never be connected in any way, shape, or form to the public Internet, and how business decisions over the course of the past 15 years have allowed the "public" and "private" networks to become dangerously close in p