During the first half of 2014, attacks against Asia-Pacific countries showed some notable techniques used by attackers to evade detection and steal data. This report details the targeted attack campaigns and trends over that period.
For many organizations, the question is no longer if they fall victim to a targeted attack, but when. In such an event, how an organization responds will determine whether it becomes a serious event or if it stays a mere annoyance.
Leaving your computer vulnerable to attack makes you a danger not just to yourself, but to everyone else on the Internet. How do botnets work, what are the risks, and how can you protect yourself?
A new Shellshock attack targeting SMTP servers has been discovered. Attackers used email to deliver the exploit, which downloads and executes an IRC Bot.
This Operation Pawn Storm attack scenario involves the use of phishing emails. See how one line of Javascript code could place millions of Outlook Web Access (OWA) users at risk of becoming victims of a simple, but clever phishing attack.
Despite the availability of fixes related to the Sandworm vulnerability (CVE-2014-4114), new attacks related to this flaw are still being spotted. These attacks contain a new routine that could prevent detection.
This Trend Micro paper unravels a series of attacks that targets military officials and defense contractors. Dubbed as “Operation Pawn Storm,” the group of threat actors use two known attack vectors: spear phishing emails and a network of phishing websites.
A recent investigation revealed that the Sandworm zero day exploit could likely be used to target GE Intelligent Platform CIMPLICITY users. Find out what it does and how you can safeguard your systems against this emerging attack.
After beginning an investigation into the affiliated malware samples and domains used by the Sandworm team, we found that the group is likely targeting SCADA-centric victims using GE Intelligent Platform’s CIMPLICITY HMI solution suite.