Latest Articles
- Threats analyst Bryant Tan shares some rules that IT administrators can proactively implement to set up “basic defense” for their network. These rules are not meant to cover all types of suspicious activity but are important in building a secure network.
- When attackers look at a target network, they focus on the flaws that they can exploit, then customize their attacks based on these. What can IT admins do knowing that the weakest link usually lies with people, passwords, and places that are considered secure?
- A new variant of the backdoor BIFROSE, known for its keylogging techniques, was found in an attack against a device manufacturer. The malware was already elusive back in 2010, but its use of TOR to reach its servers makes it even harder to track.
- The growth in spam volume during the first half of 2014 can be attributed to the prevalence of threats that use spam as an infection vector. These include known threats like DOWNAD, UPATRE, and ZEUS/ZBOT.
- A new strain of KIVARS malware used in targeted attacks now also works on 64-bit versions of Windows systems. This shows that threat actors remain attentive to the public's steady adoption of 64-bit processing systems.
- Attackers have found a new use for Dropbox, apart from just hosting malware. This new tactic uses the PlugX remote access tool to download its C&C server settings using the free file storage service.
- A pattern emerges from the document exploits recently used by HORSMY, ESILE, FARFLI, and other targeted campaigns. Likely sourced in cybercriminal underground markets, this template exploit can be modified depending on what attackers need from their targets.
- A new campaign inched closer to Japanese government and private entities with backdoor malware attacks on the commonly used word processing software Ichitaro. The ANTIFULAI campaign enters networks via clever email subjects, such as a job application inquiry.