Search
Keyword: arp flooding attack
Description Name: APT - DTRACK - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicato...
Description Name: QAKBOT - SMTP(REQUEST) . This is Trend Micro detection for packets passing through SMTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators of an infected host:Exc...
Description Name: APT - LOOKBACK - TCP (Request) . This is Trend Micro detection for packets passing through TCP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicato...
Description Name: APT - LOOKBACK - TCP (Response) . This is Trend Micro detection for packets passing through TCP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicat...
from this attack? This attack has several components. Multilayered defense is necessary to ensure that the malicious spam, the PDF exploit, the backdoor, and the backdoor’s outbound communication are
found samples with random domains which don't belong to any business entity. Thus, this attack may not be targeted to any specific organization. The people behind this attack may have used US-CERT to make
http://sjc1-te-cmsap1.sdi.trendnet.org/dumpImages/212201011120.jpeg Background of the Attack Trend Micro received several reports and inquiries surrounding a series of attacks that exploited an
http://sjc1-te-cmsap1.sdi.trendnet.org/dumpImages/04520105255.jpeg Background of the Attack On January 25, 1:25 p.m., Munich time, Trend Micro analysts received reports regarding a blackhat search
Trendlabs engineers received mail samples of this spam attack seemingly advertising cosmetic products. 'Invisible ink' is used here to bypass typical mail filters. The links redirect to suspicious
OSX_PINTSIZED.ENV connects to this site to send and receive commands from a remote malicious user. This malware was involved in a zero-day Java vulnerability exploit attack in January 2013.
Shortened URL that points to the site� http://{BLOCKED}count.info/end.php . This is related to the malware JS_FBOOK.VTG and the fake Osama bin Laden video attack in Facebook .
Shortened URL that points to the site� http://{BLOCKED}count.info/end.php . This is related to the malware JS_FBOOK.VTG and the fake Osama bin Laden video attack in Facebook .
This is the site where BKDR_INJECT.EVL connects to send and receive information. This backdoor malware was used in a targeted attack campaign which exploited an Adobe Flash Player vulnerability.
This is a Trend Micro detection focused on detecting files that contain code leading to a vulnerability. Specifically, the code is related to an attack known as CHINA CHOPPER.
TROJ_MADIH.SM connects to this site to send and receive information. This Trojan is believed to be related to a targeted attack against infrastructures and companies located in the Middle East.
TROJ_MADIH.SM connects to this site to send and receive information. This Trojan is believed to be related to a targeted attack against infrastructures and companies located in the Middle East.
remote malicious user: [Quit] - Terminate itself [Help] - Print Commands [Version] - Print Version [Exec] - Executes shell command [DLE] - Downloads and execute arbitrary file [UDP] - Starts UDP Flooding
This malicious URL is used in a phishing attack that targets customers of the recent merger between ABN AMRO Bank NV (ABN AMRO Bank) and Fortis Bank (Nederland).
OSX_OLYX.EVL connects to this to send and receive information. This site was involved in a targeted attack campaign that uses Pro-Tibetan sentiments as social engineering ploy for the attackers to
a remote malicious user: sends an email DNS lookup Downloads a file Executes Shell Command Gets system information Executes php code TCP flood attack UDPflood attack Executes raw IRC command Port scan