Often overlooked, bulletproof hosting services
shield cybercriminals from the law.
The biggest security gaps are the ones often overlooked. At the start of the year, users were subjected to malvertisements with zero-day exploits, expanded ransomware targets, and macro malware attacks on MS Office documents. All of these are reemerging threats begging for concrete security actions that leave no room for error. Find out more from the TrendLabs 1Q 2015 Security Roundup.
Analysis and insight on targeted attack cases in 2014, with information on state-sponsored attacks and the new tools and techniques used.
The year 2014 was rife with mega breaches, hard-to-patch vulnerabilities, thriving cybercriminal underground economies, and a number of large-scale incidents. Faced with these growing threats, organizations need to plan ahead and be ready to take action instantly. Learn more from 2014 TrendLabs annual security roundup.
Vulnerabilities in oft-overlooked but widely used software and devices surfaced in the third quarter of 2014, reiterating the importance of having security in mind. Shellshock and a Netis router vulnerability proved that attackers don't discriminate when it comes to targets. These are just two of the biggest threats that hit users in the past three months though. Find out what other threats reared their ugly heads.
This research paper explores bulletproof hosting services' (BPHS) role in perpetrating cybercrime. Often overlooked, this service makes for perfect criminal hideouts - helping cybercriminals evade law enforcement.
This research paper provides in-depth technical information on the targets, components, tools, and tactics of Operation Tropic Trooper, an active campaign since 2012.
This research paper provides an in-depth look at noteworthy IRS tax scam components, how they work, and how taxpayers can avoid becoming victims of fraud.
This research paper takes a close look into a one-man operation that managed to steal more than 22,000 credit card numbers in a month using PoS malware.
APT campaigns aggressively pursue and compromise specific targets to gain control of a company’s computer system for a prolonged period of time. To make a targeted attack successful, the communication channel between a threat actor and the malware inside a network must always remain open and unknown. Know how leveraging threat intelligence can help detect this malicious network traffic by reading this primer.
As 2012 drew to a close, SMBs, along with most organizations, should have taken a step back and learned from the past year. With mobile devices fast becoming part of workplaces and the increased availability of cloud services, SMBs should adopt security practices to fully protect their assets. This year, the Android malware volume is expected to hit the 1 million mark. The continuous use of cloud services will also play a key part in the SMB threat environment. This primer runs through five predictions SMBs should take note of.
In 2013, managing the security of devices, small business systems, and large enterprise networks will be more complex than ever before. Users are breaking down the PC monoculture by embracing a wider variety of platforms, each with its own user interface, OS, and security model. Businesses, meanwhile, are grappling with protecting intellectual property and business information as they tackle consumerization, virtualization, and cloud platforms head-on. This divergence in computing experience will further expand opportunities for cybercriminals and other threat actors to gain profit, steal information, and sabotage their targets’ operations.
Users face various unwanted app routines in the current mobile landscape. Given this situation, market owners have taken certain measures like providing safety guidelines, conducting prerelease quality assurance checks, and introducing access permission layers at the OS level. Unfortunately, these are still far from being fool-proof solutions. The reality is: Users are responsible for checking if the apps they download are legitimate or not.