Search

Description Name: APT - TALERET - HTTP (Request) - Variant 2 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are ...

Description Name: APT - BOTLODR - HTTP (REQUEST) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indica...

Description Name: APT - LODEINFO - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indica...

TROJ_NAIKON.A attempts to access this website to download possibly malicious files. This malware is the final payload of a targeted attack campaign leveraging the April 2013 Boston Marathon Bombing.

A cross-site scripting (XSS) vulnerability exists in WordPress Uji plugin, allow remote attackers to execute same-origin JavaScript functions via crafted parameter. A successful attack could lead

drives. They also drop a Trojan spyware component onto affected systems.� How does this attack work? Typically, the AMBLER Trojan or worm component drops the Trojan spyware component onto specific folders

A cross-site scripting (XSS) vulnerability exists in WordPress Activity Log plugin, allow remote attackers to execute same-origin JavaScript functions via crafted parameter. A successful attack could

off-line dictionary and brute force attack against the password. The WWWBoard package is a popular web based discussion board by Matt Wright. The administration area of the WWWBoard package requires a

The Asterisk HTTP server currently has a default configuration which allows the BEAST vulnerability to be exploited if the TLS functionality is enabled. This can allow a man-in-the-middle attack to

Description Name: Suspicious LNK file . This is the Trend Micro detection for malicious N/A network packet

execution attack in the context of current user. Apply associated Trend Micro DPI Rules. 1007623|

Description Name: Possible WEBSHELL - HTTP (Request) .

Description Name: JSPSPY Webshell - HTTP (Request) .

http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/205201162133.jpeg What is a highly targeted attack? A highly targeted attack manages to intentionally stay undetected in a network or system for a

cleartext information via a padding-oracle attack against an AES CBC session Apply associated Trend Micro DPI Rules. 1006023|

also been found as the payload of a Styx exploit kit attack that may be targeted towards organizations and/or businesses. What does PE_EXPIRO do to an infected system? PE_EXPIRO variants scan infected

source of the DoS attack SPOOFS {subnet} - changes spoofing to a subnet GET {HTTP address} {save as} - this downloads and saves a file IRC {command} - this sends commands to the IRC server SH {command} -

software components) ipconfig (Details about current TCP/IP network configuration) netstat (Details about current TCP connections) arp (Details about local ARP cache) tasklist (Details about running

This URL is used in a phishing attack that specifically targets clients of Khaleeji Commerical Bank. The phishing email informs clients that they need to log into their online account to activate and

is involved in an exploit attack targeting a critical vulnerability of Ruby on Rails.