Save & ShareWhite Papers
Web 2.0 Security Threats
April 2007
While Web 2.0 is an exciting and revolutionary development in online computing, it exposes consumers and businesses to a broad spectrum of Web threats. Due to the rush to architect Web 2.0 applications to meet demand and the underlying security weaknesses of AJAX, the Web 2.0 ecosystem is extremely vulnerable to attack. This paper describes the origin, development and impact of Web 2.0 security threats, as well as best practices for avoiding them.
Phishing: Botnet Threats and Solutions
November 2006
This paper examines the existence of and interactions within the botnet ecosystem that enable phishing and the ensuing damage. It also provides information on how businesses and consumers can protect themselves against these attacks.
Taxonomy of Botnet Threats
November 2006
A simple taxonomy model is constructed to facilitate the identification, classification, detection, and mitigation of known and unknown botnets. The taxonomy model examines botnets in the following aspects: attacking behavior, command and control model, rally mechanism, communication protocol, evasion technique, and other observable activities.
Spy-Phishing - A New Breed of Blended Threats
October 2006
This paper explores spy-phishing, an emerging crimeware technique which capitalizes on the use of blended threats, and the various environmental and market forces that enabled it.
The Trend of Threats Today: 2005 Annual Roundup and 2006 Forecast
The antivirus and security industry has witnessed quite a few changes in the past year – and, most notably, over the final few months leading to 2006.
In light of recent developments, trends are changing and new threats have emerged. The Internet has truly come of age as the ultimate tool for marketing, communication and global commerce. Unfortunately, more and more malicious parties also try to abuse the system for their own gains. From ruthless advertisers selling their dubious bodily enhancement pills to crime organisations stealing bank account numbers – life in cyberspace is far from safe. This reality has prompted some to predict that this far-reaching and borderless community would become the “last wild-wild west”.
Hook, Line and Sinker: Phishing Attacks Going "Professional"
2005
Phishing is slowly becoming a household term, with a new scam arriving in users’ inboxes as frequently as once per week. But what makes phishing different from viruses and other threats - and why has it become so popular? And most importantly, what can you do to protect yourself against it?
The Spyware Battle -- Privacy vs. Profits
2005
In this paper, Trend Micro provides some insights into spyware – software that logs information on user activity, collects Web browsing histories, online purcahses, etc. - to educate users about spyware threats and how to minimize the risk of infection. This includes sound advice on safe Internet practices, to avoid many of the most common spyware "traps".
Vulnerability Exploits Break Records - A Special Report by Trend Micro
August 2005
According to security experts at Trend Micro, the bot attacks that occurred on August 16, 2005 were not completely unexpected, but rather were the culmination of a growing trend among malware writers. Researchers have long noted the closing gap between the discovery of a new vulnerability and the time corresponding exploits appear. This trend is particularly alarming, given the significance of the timeline to the resurgence of bot networks.
The Future of Bot Worms - What we can expect from worm authors in the coming months
2005
The current trend in worms seems to go the bot route. Bots—programs that operate as an agent for a user or another program—are most often seen as malware and keep attacking unsuspected users in surprisingly high numbers. This document details the possible new additions and modifications that bot authors might incorporate to their hideous creations in the very near future.
The Trend of Malware Today: Annual Virus Round-up and 2005 Forecast
This paper is the annual virus roundup for 2004. It contains information on the past year's virus outbreak incidents, prevailing malware threats, emerging threats, and forecasts, as analyzed by Trend Micro. Among the issues for 2004 are the BAGLE-NETSKY-MYDOOM malware wars, the emergence of vulnerabilities as a malware propagation medium, and the creation of malware that spread via mobile phones.
The Sasser Event: History and Implications
June 2004
This paper presents the SASSER malware family as an event that has a unique context and is primarily concerned with SASSER’s behavior in relation to other chronological events and other malware families.
Spyware - a Hidden Threat
July 2004
Spyware programs are a growing threat to corporations today. Reports now show that nearly one in three computers are infected with a Trojan horse or system monitor planted by spyware. These programs present a serious threat to privacy, security, and network performance. The following technical note defines the many types of spyware, explains how they invade the network, and exposes the damaging impact.
The Trend of Malware Today: Annual Virus Round-up and 2004 Forecast
By now, most enterpises will have some form of protection in place, but is the solution up to the job? How do administrators decide what solution to implement? How do they justify that solution to upper management in light of current spending budgets?
This report provides analysis of malware trends, and future predictions, to help answer these questions.
