Cybercriminals - Security Intelligence

Analysts working on a cyber deterrence strategy in a security operations center.

article

The Cyber Attribution Dilemma: 3 Barriers to Cyber Deterrence

The concept of mutually assured destruction (MAD) has historically prevented nuclear war, but threat actors' advanced obfuscation techniques have made cyber deterrence difficult if not impossible.

December 28, 2018 | By Jan Dyment

article

news

CARROTBAT Malware Family Supports at Least 12 Unique Decoy Documents

A malware family known as CARROTBAT is currently using at least 12 unique decoy documents to spread itself among unsuspecting users.

December 13, 2018 | By David Bisson

news

A man looking at a desktop computer: Sednit

news

Sednit Threat Group Adds Delphi Dropper and Mail Downloader to Zebrocy Toolset

Security researchers observed the Sednit threat group distributing Zebrocy malware using a Delphi dropper and mail downloader.

December 7, 2018 | By David Bisson

news

A businessman using a mobile phone: mobile malware

news

FakeSpy And XLoader Mobile Malware May Come From Yanbian Gang

Security researchers revealed that two mobile malware threats, Xloader and FakeSpy, may have been developed and launched by the same cybercriminal group.

December 3, 2018 | By Shane Schick

news

Professionals on the steps of a government building: Cannon Trojan

news

Sofacy Group Targets Government Organizations With New Cannon Trojan

The Sofacy group recently targeted several government organizations around the world with the new Cannon Trojan.

November 29, 2018 | By David Bisson

news

A businessman using a laptop: remote access Trojan

news

TA505 Threat Group Distributes Previously Undocumented tRat Remote Access Trojan

Researchers observed the TA505 threat group spreading a previously undocumented remote access Trojan (RAT) called tRaT.

November 20, 2018 | By David Bisson

news

Illustration of a chain in a crisscross formation over a laptop screen: ransomware-as-a-service

news

Ransomware-as-a-Service Program Offers Affiliates Up to 75 Percent of Revenue to Spread Infection

A ransomware-as-a-service program called FilesLocker offers affiliates commissions of up to 75 percent on all revenue stolen from victims.

November 8, 2018 | By Shane Schick

news

news

Destructive Attacks Spike in Q3, Putting Election Security at Risk

Nearly one-third of incidents reported in Q3 were classified as "destructive attacks," according to a recent report, putting election security at risk leading up to the 2018 midterms.

November 5, 2018 | By David Bisson

news

Illustration of a magnifying glass over a laptop with email icons representing phishing detection.

news

Fraudsters Abuse Trusted Web Services to Conduct Phishing Attacks

Researchers reported that threat actors are using web services such as Google Drive, SharePoint and Dropbox to host files containing malicious links as part of phishing campaigns.

October 30, 2018 | By David Bisson

news

A man typing code on a desktop computer: malware classification

news

Threat Actors Use Delphi Packer to Shield Binaries From Malware Classification

Security researchers observed threat actors using a Delphi packer to shield their binaries from malware classification by antivirus and other detection tools.

October 9, 2018 | By David Bisson

news

SWEED Threat Actor Uses Typosquatting, UAC Bypasses to Distribute Agent Tesla

UK Government Urges Organizations to Defend Against DNS Hijacking

Telegram, WhatsApp Vulnerability Exposes Media Files to Tampering

Digital Attackers Now Using 16Shop Phishing Kit to Target Amazon Users

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

CISO of Major UK Retailer Weighs in on Enterprise IoT Security

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

I Can’t Believe Mirais: Tracking the Infamous IoT Malware

Threat Intelligence Is the SOC’s Road Map to DNS Security

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

Podcast: IT’s Eyes and Ears — The Evolving Security Operations Center (SOC)

Podcast: Reducing Third-Party Risk

Podcast: Development Agility and Open-Source Vulnerability Prioritization

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Webinar: Protecting Office365 with IBM Cloud Identity and MaaS360

Webinar: Wandera & IBM Introduce the Next Level of Access Management

Webinar: How to Outmatch Data Security Challenges with Cost-Effective, Practical Strategies

Webinar: Total Recon: See You Online, Richter

Tag: Cybercriminals

The Cyber Attribution Dilemma: 3 Barriers to Cyber Deterrence

CARROTBAT Malware Family Supports at Least 12 Unique Decoy Documents

Sednit Threat Group Adds Delphi Dropper and Mail Downloader to Zebrocy Toolset

FakeSpy And XLoader Mobile Malware May Come From Yanbian Gang

Sofacy Group Targets Government Organizations With New Cannon Trojan

TA505 Threat Group Distributes Previously Undocumented tRat Remote Access Trojan

Ransomware-as-a-Service Program Offers Affiliates Up to 75 Percent of Revenue to Spread Infection

Destructive Attacks Spike in Q3, Putting Election Security at Risk

Fraudsters Abuse Trusted Web Services to Conduct Phishing Attacks

Threat Actors Use Delphi Packer to Shield Binaries From Malware Classification