Application Security January 25, 2023

Kronos Malware Reemerges with Increased Functionality

6 min read - The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of…

Software Vulnerabilities January 17, 2023

Self-Checkout This Discord C2

5 min read - This post was made possible through the contributions of James Kainth, Joseph Lozowski, and Philip Pedersen. In November 2022, during an incident investigation involving a self-checkout point-of-sale (POS) system in Europe, IBM Security X-Force identified a novel technique employed by…

Software Vulnerabilities October 17, 2022

Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1

9 min read - Command & Control (C2) frameworks are a very sensitive component of Red Team operations. Often, a Red Team will be in a highly privileged position on a target’s network, and a compromise of the C2 framework could lead to a…

June 2, 2020

Trickbot Using BazarBackdoor to Gain Full Access to Targeted Networks

2 min read - Security researchers observed the Trickbot operators using a new backdoor called "BazarBackdoor" to gain full access to targeted networks.

June 1, 2020

Weekly Security News Roundup: Average Ransomware Demand Grew 14 Times in One Year

3 min read - Researchers revealed that the average ransomware demand grew 14 times over a one-year period from 2018 to 2019. Read on to learn what else happened last week in security news.

May 25, 2020

Weekly Security News Roundup: ‘Silent Night’ Malware Reminiscent of ZeuS

3 min read - Researchers observed digital criminals selling a new malware strain based on the ZeuS family called "Silent Night." Read on to learn what else happened last week in security news.

May 12, 2020

Astaroth Trojan Employed YouTube Channels as C&C to Evade Detection

2 min read - A new variant of the Astaroth Trojan family employed YouTube channels for command-and-control (C&C) functionality in order to evade detection.

May 11, 2020

Weekly Security News Roundup: Dacls RAT Begins Targeting Mac Users

3 min read - Security researchers observed a new version of the Lazarus Group's Dacls RAT targeting Mac users via a trojanized 2FA app. Read on to learn what else happened last week in security news.

Malware May 11, 2020

Zeus Sphinx Back in Business: Some Core Modifications Arise

8 min read - With Zeus Sphinx back in the financial cybercrime arena, IBM X-Force is providing a technical analysis of the Sphinx Trojan's current version, which was first released in the wild in late 2019.

May 6, 2020

New ‘Kaiji’ Linux Malware Targeting IoT Devices

2 min read - A new Linux malware strain known as "Kaiji" is targeting internet of things (IoT) devices via SSH brute-force attacks.