Posts Tagged 'advanced persistent threats'

Last year, we blogged about the actor known as Quarian, who is involved in targeted attacks. This individual or group has been active since at least 2011 and has targeted government agencies. The attacks use spear phishing campaigns with crafted .pdf and .doc files as bait for unsuspecting users. Recently, we found a new sample […]

It’s hard enough to keep pace with network demands and be able to detect threats in real time. It’s even harder to stay on top of all the information generated about those threats, intrusions and suspicious network behavior. Enter SIEM, Security Information and Event Management, which in an age of big data has become essential […]

Recently, the McAfee Advanced Exploit Detection System (AEDS) has delivered some interesting RTF files to our table. These RTFs have executables “attached” to the documents. Usually, some words in the documents try to convince users to click and run the attachments. The following figure shows the point at which a user clicks on the attachment. […]

The security world, like many specialty fields, is full of acronyms. Those of us in the business know a SIEM from an IPS from an NGFW, and we’re happy to explain the difference to customers, many of whom know exactly what we’re talking about. There’s one set of acronyms, though, that can be confusing: APTs […]

Last month many Internet users were suddenly forced to trade in Bitcoins. This was not for general purposes; they were paying to get their data back. Their systems had been hijacked by ransomware. Ransomware is a type of malware that infects a machine, locks data files or the entire system, and demands payment to free the […]