Command-and-Control (C&C) - Security Intelligence

Professional using a smartphone infected with an Android Trojan

news

New Gustuff Android Trojan Capable of Targeting More Than 100 Banking Apps

Researchers detected a new Android Trojan called Gustuff that is capable of targeting more than 100 mobile banking apps.

April 2, 2019 | By David Bisson

news

Professional working on a laptop in the office targeted with Ursnif banking malware

news

Threat Actor Targets Japanese Users With New Ursnif Variant

Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.

March 13, 2019 | By David Bisson

news

Man using laptop for online banking targeted with fileless malware

news

Fileless Malware Targeting Brazilian and Thai Bank Customers With Multiple Threats

Security researchers discovered a new fileless malware strain targeting bank customers in Brazil and Thailand with a hack tool and at least two infostealers.

March 6, 2019 | By David Bisson

news

Woman working on laptop targeted in Qbot malware campaign

news

Attack Campaign Targets Organizations Worldwide With New Qbot Banking Malware Variant

Security researchers spotted a new attack campaign that's targeting organizations in several countries with a new variant of Qbot banking malware.

March 4, 2019 | By David Bisson

news

Man making an online purchase on laptop infected with Golang brute-forcer

news

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

Researchers discovered new Trojan malware written in Golang that's targeting e-commerce websites with brute-force attacks.

February 27, 2019 | By David Bisson

news

Security professional working on a laptop running macOS

news

Malicious Windows EXE Files Infect macOS Users With Infostealers and Adware

Security researchers discovered several Microsoft Windows EXE files using malicious payloads to infect macOS users with infostealers and adware.

February 13, 2019 | By David Bisson

news

Man entering credit card information on a laptop: IcedID

article

IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites

The X-Force research team investigated the IcedID Trojan's two-step injection attack that enables it to steal access credentials and payment card data from e-commerce customers in North America.

February 6, 2019 | By Itzik Chimino

article

Security professional working in the office: SpeakUp Trojan

news

Attack Campaign Targets Linux Servers to Install New SpeakUp Trojan

Security researchers observed an attack campaign that is targeting Linux servers to install samples of the new SpeakUp Trojan.

February 5, 2019 | By David Bisson

news

Woman working on a computer in the office: gandcrab

news

Malvertising Campaign Delivers Vidar Information Stealer and GandCrab Ransomware

Researchers have spotted a malvertising campaign that is delivering two payloads to victims: the Vidar information stealer and GandCrab ransomware.

January 8, 2019 | By David Bisson

news

Man using a digital tablet to control IoT devices at home: mirai malware

news

New Variant of Mirai Malware Exploits Weak IoT Device Passwords to Conduct Brute-Force Attacks

Security researchers discovered a new variant of Mirai malware known as Miori that is targeting internet of things (IoT) devices to integrate into a larger botnet.

January 2, 2019 | By Shane Schick

news

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

Google 2FA Approach Turns Android Smartphones Into Security Keys

April Scams May Ruin Plans: Threat Actors Ramp Up for Tax Scam Season

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: Under the Radar: Live Webinar and Demo

Webinar: Facilitating Secure Hybrid Cloud Adoption with Guardium

Tag: Command-and-Control (C&C)

New Gustuff Android Trojan Capable of Targeting More Than 100 Banking Apps

Threat Actor Targets Japanese Users With New Ursnif Variant

Fileless Malware Targeting Brazilian and Thai Bank Customers With Multiple Threats

Attack Campaign Targets Organizations Worldwide With New Qbot Banking Malware Variant

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

Malicious Windows EXE Files Infect macOS Users With Infostealers and Adware

IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites

Attack Campaign Targets Linux Servers to Install New SpeakUp Trojan

Malvertising Campaign Delivers Vidar Information Stealer and GandCrab Ransomware

New Variant of Mirai Malware Exploits Weak IoT Device Passwords to Conduct Brute-Force Attacks