Arbor Threat Intelligence

Arbor's Security Engineering & Response Team (ASERT) Blog
image description

Amplifying Black Energy

Click here to download the full report. The Black Energy malware family has a long and storied history dating back to 2007. Originally a monolithic DDoS platform, significant advancements were made in 2010 including support for an extensible plugin architecture that allowed Black Energy 2 […]

Read more

Peeking at Pkybot

For the past few months ASERT has been keeping an eye on a relatively new banking malware (“banker”) known as “Pkybot”. It is also being classified as a variant of “Bublik”, but the former is much more descriptive of the malware. This post will take […]

Read more

ZeusVM: Bits and Pieces

ZeusVM is a relatively new addition to the Zeus family of malware. Like the other Zeus variants, it is a banking trojan (“banker”) that focuses on stealing user credentials from financial institutions. Although recent attention has been on non-Zeus based bankers such as Neverquest and […]

Read more

Defending the White Elephant

Click here to download the full report that includes attack details, TTPs and indicators of compromise.   Myanmar is a country currently engaged in an important political process. A pro-democracy reform took place in 2011 which has helped the government create an atmopshere conducive to investor […]

Read more

Espionage, Spying and Big Corporate Data, These Are a Few of China’s Favorite Things

ASERT provides a weekly threat bulletin for Arbor customers that highlights and analyzes the week’s top security events and provides other pertinent infosec material. Recently, we covered the public notification of a United Airlines breach by possible Chinese state-sponsored threat actors. In this blog, we offer an alternative hypothesis to the conclusions many have drawn regarding the motivation behind this and other recent attacks.

Read more