Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets

Credit to Author: Windows Defender ATP| Date: Thu, 08 Nov 2018 18:08:13 +0000

Our analysis of a targeted attack that used a language-specific word processor shows why its important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns. The attack exploited a vulnerability in InPage, a word processor software for specific languages like Urdu, Persian, Pashto, and Arabic. More than 75% of

Read more

The post Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets appeared first on Microsoft Secure.

Read more

Cybercriminals Changing Tactics as Seen in First Half Report

Credit to Author: Jon Clay (Global Threat Communications)| Date: Tue, 28 Aug 2018 12:05:30 +0000

Today, Trend Micro released its first half 2018 security roundup report in which we want to share the threat intelligence we discovered through the Trend Micro™ Smart Protection Network™ that allows us to identify the threats that have targeted our customer base. Below are some thoughts I’d like to share with you about these trends…

The post Cybercriminals Changing Tactics as Seen in First Half Report appeared first on .

Read more

2018’s Biggest Attacks Will Stem from Known Vulnerabilities

Credit to Author: Martin Roesler (Director, Threat Research)| Date: Tue, 05 Dec 2017 13:00:12 +0000

Trend Micro just released its annual predictions report for next year. In this, we outline 8 ways the threat landscape is expected to evolve in 2018. While the predictions touch on a wide range of issues – from IoT to cyberpropaganda – the underlying theme is this, 2018’s biggest attacks will stem from known vulnerabilities….

Read more

When Phishing Starts from the Inside

Credit to Author: Chris Taylor| Date: Thu, 05 Oct 2017 13:00:54 +0000

Phishing is one of the greatest and most time consuming challenge security professionals face today.A growing concern of security professionals is internal phishing attacks – phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials…

Read more

Pawn Storm – A Look Into this Cyberespionage Actor Group

Credit to Author: Jon Clay| Date: Mon, 08 May 2017 18:13:50 +0000

In April 2017 my monthly threat webinar focused on a cyberespionage group our Forward-Looking Threat Researcher, Feike Hacquebord, has been following for many years and recently published a report into the most recent two years of activities. In this post I want to focus on their tools and tactics versus who they target since this…

Read more