Command-and-Control (C&C) - Security Intelligence

Cars stuck in traffic on a highway: C&C traffic

article

How to Leverage Log Services to Analyze C&C Traffic

Security teams can generate valuable insights about ongoing attacks by using log services and threat intelligence to analyze C&C traffic.

August 20, 2018 | By Koen Van Impe

article

Several devices, including a computer, a tablet and a mobile phone, that are susceptible to malware.

news

Samba Vulnerability Exposes NAS Devices to SHELLBIND Malware

The SHELLBIND Trojan exploits a recently patched Samba vulnerability to steal data from connected network-attached storage (NAS) devices.

July 20, 2017 | By Larry Loeb

news

Sphinx Trojan Command Server List Cracked

The Sphinx Trojan is based on the source code of the infamous Zeus banking Trojan. First seen around August 2015, Sphinx has been upgraded with a new method of randomizing the domain names it uses for the command-and-control (C&C) servers to...

October 25, 2016 | By Larry Loeb

news

Concealed C&C servers present users, organizations and security teams with a new problem: If security pros can't find the destination, defeating malware takes a backseat to damage control. It's the ideal scenario for cybercriminals.

news

C&C Servers Add Third ‘C’ With New Concealment Tools

Concealed C&C servers make it even more difficult for researchers to track down data dumps and stolen information repositories.

August 8, 2016 | By Douglas Bonderud

news

IBM Trusteer researchers recently discovered a new configuration of the evasive Citadel malware that is being used to compromise password management and authentication solutions. Strong, unique passwords are vital for keeping systems safe.

article

Cybercriminals Use Citadel to Compromise Password Management and Authentication Solutions

According to IBM Trusteer researchers, there is a new type of Citadel malware that is compromising password management and authentication solutions.

November 19, 2014 | By Dana Tamir

article

With so many layers of defense in place against these attackers, how do they keep getting through?

article

Uncloaking the Dark Arts of Evasive Malware

With all the security breaches, it seems like cybercriminals keep getting through. Malware is evolving to evade detection by traditional defenses.

November 3, 2014 | By Engin Kirda

article

Cybercriminals use several methods to defeat different forms of multifactor authentication. As more measures are put in place, it will be interesting to see how cybercriminals adapt their methods to get ahead of the newest security tactics.

article

How to Bypass Two-Factor Authentication (2FA) and What the Future Holds

Even as authentication techniques become more advanced, there are different ways cybercriminals can bypass two-factor authentication (2FA).

September 30, 2014 | By Etay Maor

article

Tinba malware, one of the most sophisticated financial malware toolkits in the world, has been spotted in the wild targeting a number of financial institutions across the globe. Hackers are staying ahead of researchers to keep attacking enterprises.

article

Tinba Malware Reloaded and Attacking Banks Around the World

IBM Security Trusteer researchers recently discovered a new Tinba variant exhibiting new, exciting features and making waves in an active malware campaign.

September 22, 2014 | By Assaf Regev

article