Credentials Theft - Security Intelligence

Man working on a laptop infected with cryptomining malware

news

Attackers Use EternalBlue and PowerShell Scripts to Spread Cryptomining Malware Across Asia

A cryptomining malware campaign originally discovered in January is now using the EternalBlue exploit to target users in Asia, according to security researchers.

April 15, 2019 | By Shane Schick

news

Two programmers working on security controls to detect black market tls/ssl certificates

article

Dark Web TLS/SSL Certificates Highlight Need for Shift to Zero Trust Security

Some of the latest website security threats originate from thriving dark web marketplaces for TLS/SSL certificates, which often come packaged with other cybercrime services.

April 11, 2019 | By Koen Van Impe

article

Professionals working on a computer targeted by phishing campaign

news

Phishing Campaign Makes Use of SingleFile Browser Extension Tool to Obfuscate Malicious Activity

In a recent phishing campaign, fraudsters used a legitimate browser extension tool called SingleFile to obfuscate their attacks and remain undetected.

April 9, 2019 | By David Bisson

news

Two security professionals discussing a Shade ransomware infection

news

Shade Ransomware Campaign Compromises at Least 500 WordPress and Joomla Websites

Security researchers discovered a hidden HTTP directory that is allowing threat actors to install Shade ransomware on WordPress and Joomla websites.

April 3, 2019 | By Shane Schick

news

Professional using a smartphone infected with an Android Trojan

news

New Gustuff Android Trojan Capable of Targeting More Than 100 Banking Apps

Researchers detected a new Android Trojan called Gustuff that is capable of targeting more than 100 mobile banking apps.

April 2, 2019 | By David Bisson

news

Businesswoman checking her email: brute-force attack

news

Brute-Force Attack Wave Uses Legacy Protocols, Credential Dumps to Compromise Cloud Accounts

A massive brute-force attack campaign used both legacy protocols and credential dumps to compromise cloud user accounts, according to security researchers.

March 20, 2019 | By David Bisson

news

Social media influencer using smartphone targeted in Instagram hacking campaign

news

Threat Actors Use Fake Copyright Infringement Notifications in Instagram Hacking Campaign

Security researchers discovered that attackers are using fake copyright infringement notifications as part of a recent Instagram hacking campaign.

March 19, 2019 | By David Bisson

news

Professional working on a laptop in the office targeted with Ursnif banking malware

news

Threat Actor Targets Japanese Users With New Ursnif Variant

Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.

March 13, 2019 | By David Bisson

news

Man using laptop for online banking targeted with fileless malware

news

Fileless Malware Targeting Brazilian and Thai Bank Customers With Multiple Threats

Security researchers discovered a new fileless malware strain targeting bank customers in Brazil and Thailand with a hack tool and at least two infostealers.

March 6, 2019 | By David Bisson

news

Woman working on laptop targeted in Qbot malware campaign

news

Attack Campaign Targets Organizations Worldwide With New Qbot Banking Malware Variant

Security researchers spotted a new attack campaign that's targeting organizations in several countries with a new variant of Qbot banking malware.

March 4, 2019 | By David Bisson

news

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

Google 2FA Approach Turns Android Smartphones Into Security Keys

April Scams May Ruin Plans: Threat Actors Ramp Up for Tax Scam Season

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: Under the Radar: Live Webinar and Demo

Webinar: Facilitating Secure Hybrid Cloud Adoption with Guardium

Tag: Credentials Theft

Attackers Use EternalBlue and PowerShell Scripts to Spread Cryptomining Malware Across Asia

Dark Web TLS/SSL Certificates Highlight Need for Shift to Zero Trust Security

Phishing Campaign Makes Use of SingleFile Browser Extension Tool to Obfuscate Malicious Activity

Shade Ransomware Campaign Compromises at Least 500 WordPress and Joomla Websites

New Gustuff Android Trojan Capable of Targeting More Than 100 Banking Apps

Brute-Force Attack Wave Uses Legacy Protocols, Credential Dumps to Compromise Cloud Accounts

Threat Actors Use Fake Copyright Infringement Notifications in Instagram Hacking Campaign

Threat Actor Targets Japanese Users With New Ursnif Variant

Fileless Malware Targeting Brazilian and Thai Bank Customers With Multiple Threats

Attack Campaign Targets Organizations Worldwide With New Qbot Banking Malware Variant