83 Posts

Limor Kessem

Executive Security Advisor, IBM

Limor Kessem is one of the top cyber intelligence experts at IBM Security. She is a seasoned security advocate, public speaker, and a regular blogger on the cutting-edge IBM Security Intelligence blog. Limor comes to IBM from organizations like RSA Security, where she spent 5 years as part of the RSA research labs and drove the FraudAction blog on RSA's Speaking of Security. She also served as the Marketing Director of Big Data analytics startup ThetaRay, where she created the company's cybersecurity thought leadership. Limor is considered an authority on emerging cybercrime threats. She participated as a highly appreciated speaker on live InfraGard New York webcasts (an FBI collaboration), spoke in RSA events worldwide, conducts live webinars on all things fraud and cybercrime, and writes a large variety of threat intelligence  publications. With her unique position at the intersection of multiple research teams at IBM, and her fingers on the pulse of current day threats, Limor covers the full spectrum of trends affecting consumers, corporations, and the industry as a whole. On the social side, Limor tweets security items as @iCyberFighter and is an avid Brazilian Jiu Jitsu fighter.

Written By Limor Kessem

Certificates-as-a-Service? Code Signing Certs Become Popular Cybercrime Commodity

IBM Security X-Force researchers recently uncovered a new trend dominating the cybercrime underground: the sale of stolen or fraudulent certificates.

Shifu: ‘Masterful’ New Banking Trojan Is Attacking 14 Japanese Banks

A brand -ew advanced banking Trojan discovered in the wild has been named Shifu by IBM Security X-Force, after the Japanese word for thief.

Watch Out for CoreBot, New Stealer in the Wild

IBM Security X-Force researchers recently discovered CoreBot, a seemingly generic malware that actually operates on a highly sophisticated level.

Gozi Goes to Bulgaria — Is Cybercrime Heading to Less Charted Territory?

The latest version of the Gozi banking Trojan looks to target banks in Bulgaria. This could be just the first instance of the malware in Eastern Europe.

Tinba Trojan Sets Its Sights on Romania

IBM X-Force researchers have discovered a new variant of the Tinba malware, which is specifically designed to target banks in Romania.

HORNET: Anonymity May Come at a Price — Likely in Hard Cash!

As a quicker and more private alternative to Tor emerges, should we be concerned over the potential applications cybercriminals will find for HORNET?

El malware Dyre se toma sus vacaciones de verano en España

Una nueva configuración del Troyano Dyre persigue a 17 bancos españoles ¿Qué hay de nuevo? Al mismo tiempo que los europeos se dirigen a las playas españolas este verano, los cibercriminales que están detrás del exitoso malware Dyre no se...

Dyre Malware Takes Summer Holiday in Spain

The IBM X-Force Security Research team has discovered some interesting new information involving the Dyre Trojan, which is now targeting Spanish banks.

The POS Malware Epidemic: The Most Dangerous Vulnerabilities and Malware

POS malware continues to grow as a problem plaguing retailers, but with knowledge and a few best practices, organizations can protect customer data.

Meet the Pezão Trojan: Brazil’s Got Malware

An old-school form of malware is taking off in Brazil, putting many of the country's Internet users at risk of serious financial fraud.

Co-Written By Limor Kessem

Overlay RAT Malware Uses AutoIt Scripting to Bypass Antivirus Detection

IBM X-Force discovered a new overlay RAT malware that exploits the AutoIt framework to evade antivirus detection while perpetrating bank fraud in Brazil.

Brazilian Malware Client Maximus: Maximizing the Mayhem

A new, upgraded version of remote access malware Client Maximus points to the growing sophistication of cybercriminals in Brazil.

QakBot Banking Trojan Causes Massive Active Directory Lockouts

IBM X-Force attributed a recent wave of malware-induced Active Directory (AD) lockouts across several IR engagements to the operators of the QakBot Trojan.

Relying on Data to Mitigate the Risk of WordPress Website Hijacking

To protect their WordPress sites from scammers, administrators must proactively patch and monitor their installations to weed out unwanted content.

Brazilian Malware Never Sleeps: Meet EmbusteBot

IBM Research — Haifa Labs detected yet another malware campaign, dubbed EmbusteBot, designed to target dozens of financial institutions in Brazil.

GootKit Developers Dress It Up With Web Traffic Proxy

X-Force researchers revealed the cybergang behind Gootkit had upgraded the banking Trojan with new network interception and certificate bypass methods.

The Full Shamoon: How the Devastating Malware Was Inserted Into Networks

X-Force IRIS researchers found that the Shamoon malware operators relied on weaponized documents that leveraged PowerShell to infiltrate targeted networks.

Anatomy of an hVNC Attack

Cybercriminals who rely on remote control tactics to commit financial fraud may use hidden virtual network computing (hVNC) modules to cover their tracks.

Client Maximus: New Remote Overlay Malware Highlights Rising Malcode Sophistication in Brazil

IBM X-Force researchers discovered a new malware called Client Maximus that contains advanced code written specifically to attack banks in Brazil.

Two Heads Are Better Than One: Going Under the Hood to Analyze GozNym

IBM X-Force researchers recognized that the GozNym banking malware leverages features from two types of malware to make it double the threat.

Gozi Banking Trojan Upgrades Build to Inject Into Windows 10 Edge Browser

The developers of the Gozi banking Trojan have built some improvements into the malware that now allow it to attack Windows 10 operating systems.

Dyre Summer Renovation: Randomized Config File Names Keep Antivirus Engines Guessing

Developers of the Dyre malware are keeping a close eye on security, making several changes to the file configuration to avoid detection.

Tsukuba: Banking Trojan Phishing in Japanese Waters

IBM Security Trusteer researchers recently discovered a new financial malware dubbed Tsukuba, which targets Japanese online banking users.