Skip to content

Security Research Papers and Articles

Pinterest
More Options

Grounded in APT Facts

Grounded in APT Facts

How much do you know about targeted attacks? View this infographic.

Targeted Attack Trends: 2H 2013 Report

Targeted Attack Trends: 2H 2013 Report

This biannual report presents the targeted attack campaigns observed and mitigated by Trend Micro based on reported customer cases, as well as our own independently gathered data.



open all

 

Backdoor Use in Targeted Attacks

Backdoors—applications that open computers to remote access—play a crucial role in targeted attacks. Often initially used in the second (point of entry) or third (command-and-control [C&C]) stage of the targeted attack process, backdoors enable threat actors to gain command and control of their target network.

Read more on backdoors
 

 

Fake Apps: Feigning Legitimacy

 

Network Detection Evasion Methods: Blending with Legitimate Traffic

 

Suggestions to Help Companies with the Fight Against Targeted Attacks

 

The SCADA That Didn’t Cry Wolf: Who’s Really Attacking Your ICS Equipment? (Part 2)

 

Targeted Attacks Detection with SPuNge

 

Safe: A Targeted Threat

 

Malicious Network Communications: What Are You Overlooking?

 

FAKEM RAT: Malware Disguised as Windows Messenger and Yahoo! Messenger

 

The HeartBeat APT Campaign

 

Spear-Phishing Email: Most Favored APT Attack Bait

 

Detecting APT Activity with Network Traffic Analysis

 

How to Thwart the Digital Insider – An Advanced Persistent Response to Targeted Attacks

 

How Tough Is It to Deal With APTs?

 

IXESHE: An APT Campaign

 

Luckycat Redux: Inside an APT Campaign with Multiple Targets in India and Japan

12 Most Abused Android App Permissions

12 Most Abused Android App Permissions

Cybercriminals can exploit Android app permissions for their personal gain. Find out the most commonly requested permissions and how they’re abused in our latest TrendLabs Security Gallery.



open all

 

Fake Apps, Russia, and the Mobile Web: Making the SMS Fraud Connection

News of an SMS fraud service affecting many countries first broke out in Russia in 2010. It has since put users at risk through popular online activities like social networking and downloading content.

Read Fake Apps, Russia, and the Mobile Web

 

Adding Android and Mac OS X Malware to the APT Toolbox

 

Eco and Ego Apps in Japan

 

Android Malware Acts as an SMS Relay

How Attacks Adapt

How Attacks Adapt

As with technology and popular means of communication, cybercriminal attacks and schemes continue to evolve over the years. Find out more…

Online Security for You and Your Family

Online Security for You and Your Family

Everyone's online, but not everyone's secure. It's up to you to make sure that your family is. Learn about online threats and how you can protect your family from these threats here.



open all

 

PoS RAM Scraper Malware: Past, Present, and Future

This research paper examines the PoS ecosystem. It describes how PoS transactions work from the moment customers swipe their credit cards to when they get charged for their purchases. It describes what types of data resides in the magnetic stripe of payment cards. It looks at the evolution of PoS RAM scrapers—from their humble beginnings to how they have become today’s industrialized threats. It also presents the various PoS RAM scraper infection methods by providing technical overviews of the most prevalent PoS RAM scraper malware families that have affected businesses to date. It details the data-exfiltration techniques used by PoS RAM scrapers and examines what happens to the data that cybercriminals exfiltrate. It also attempts to predict future PoS attack vectors. Finally, the paper provides prevention strategies that companies can follow to protect against PoS RAM scrapers.

Read up on PoS RAM scraping

 

Cybercriminal Underground Economy Series

The Chinese Underground in 2013

 

Finding Holes: Operation Emmental

 

On the Actors Behind MEVADE/SEFNIT

 

Cybercriminals Use What Works: Targeted Attack Methodologies for Cybercrime

 

Cybercriminal Underground Economy Series

Russian Underground Revisited

 

Cybercriminal Underground Economy Series

The Mobile Cybercriminal Underground Market in China

 

Point-of-Sale System Breaches: Threats to the Retail and Hospitality Industries

 

From Russia with Love: Behind the Trend Micro-NBC News Honeypots

 

CPL Malware: Malicious Control Panel Items

 

"Ice 419": Cybercriminals from Nigeria Use Ice IX and the 419 Scam

 

Bitcoin Domains

 

Beyond Online Gaming Cybercrime: Revisiting the Chinese Underground Market

 

The Apollo Campaign: A Gateway to Eastern European Banks

 

Deepweb and Cybercrime: It’s Not All About TOR

 

Concerns Regarding Flaws in the New DKIM Standard

 

Brazil: Cybersecurity Challenges Faced by a Fast-Growing Market Economy


Connect with us on