X-Force observed attackers using known Drupal vulnerabilities, including Drupalgeddon, to target websites and the underlying infrastructure that hosts them, leveraging Shellbot to open backdoors.
A new malware builder known as Gazorp lets threat actors create free, customized AZORult attacks on the dark web.
A new zero-day vulnerability affecting Windows 7 through 10 was recently disclosed on Twitter. Within two days, security researchers spotted it in the wild.
IBM X-Force researchers unpacked ExoBot's inner workings to reveal insights into its dynamic mechanisms and the features that help criminals use it in cross-channel bank fraud schemes.
The creators of a ransomware-as-a-service threat dubbed Princess Evolution are looking for affiliates to spread the Rig exploit kit in exchange for 60 percent of what's stolen.
Security teams can generate valuable insights about ongoing attacks by using log services and threat intelligence to analyze C&C traffic.
The SHELLBIND Trojan exploits a recently patched Samba vulnerability to steal data from connected network-attached storage (NAS) devices.
The Sphinx Trojan is based on the source code of the infamous Zeus banking Trojan. First seen around August 2015, Sphinx has been upgraded with a new method of randomizing the domain names it uses for the command-and-control (C&C) servers to...
Concealed C&C servers make it even more difficult for researchers to track down data dumps and stolen information repositories.
According to IBM Trusteer researchers, there is a new type of Citadel malware that is compromising password management and authentication solutions.