Dark Web - Security Intelligence

Security professionals working in an office: HawkEye

article

HawkEye Malware Operators Renew Attacks on Business Users

IBM X-Force researchers report an increase in HawkEye v9 keylogger infection campaigns targeting businesses around the world.

May 27, 2019 | By Limor Kessem

article

Two programmers working on security controls to detect black market tls/ssl certificates

article

Dark Web TLS/SSL Certificates Highlight Need for Shift to Zero Trust Security

Some of the latest website security threats originate from thriving dark web marketplaces for TLS/SSL certificates, which often come packaged with other cybercrime services.

April 11, 2019 | By Koen Van Impe

article

Waitress using a POS system: POS malware

news

GlitchPOS Creator Offers Instructional Video to Make Deploying POS Malware Easier

Security researchers discovered a strain of POS malware dubbed GlitchPOS that comes with an instructional video to help would-be cybercriminals steal credit card data.

March 20, 2019 | By Shane Schick

news

news

WinPot Malware Uses Slot Machine-Like Interface to Empty ATMs

A new threat known as WinPot malware is using a slot machine-like interface to empty ATMs at targeted financial institutions.

February 20, 2019 | By David Bisson

news

A young woman using her mobile phone and laptop in a coffee shop: financial cybercrime

article

Easy Does It! A Timely Look Into Fraud TTPs in the Brazilian Financial Cybercrime Landscape

In this first article of a two-part series, IBM X-Force exposes some of its research on the typical malware and tactics, techniques and procedures (TTPs) used in Brazilian financial cybercrime.

November 21, 2018 | By André Piva

article

Illustration of a chain in a crisscross formation over a laptop screen: ransomware-as-a-service

news

Ransomware-as-a-Service Program Offers Affiliates Up to 75 Percent of Revenue to Spread Infection

A ransomware-as-a-service program called FilesLocker offers affiliates commissions of up to 75 percent on all revenue stolen from victims.

November 8, 2018 | By Shane Schick

news

A man typing code on a desktop computer: malware classification

news

Threat Actors Use Delphi Packer to Shield Binaries From Malware Classification

Security researchers observed threat actors using a Delphi packer to shield their binaries from malware classification by antivirus and other detection tools.

October 9, 2018 | By David Bisson

news

Computer screen with code and the word "malware": malware builder

news

Gazorp Malware Builder Offers Free, Customized AZORult Attacks on the Dark Web

A new malware builder known as Gazorp lets threat actors create free, customized AZORult attacks on the dark web.

October 5, 2018 | By Douglas Bonderud

news

A woman looking at her smartphone: malware-as-a-service

news

New Malware-as-a-Service Threat Targets Android Phones

Security researchers discovered a new malware-as-a-service offering designed to enable cybercriminals to infect Android phones and block users from running security solutions on their devices.

September 28, 2018 | By Wylie Wong

news

A vector illustration of different parts of the darknet.

article

7 Ways to Identify Darknet Cybersecurity Risks

Explore seven characteristics of security risk from the dark and hidden web. Learn how organizations can capture the latent value of dark-sourced threat intelligence.

August 6, 2018 | By Jasmine Henry

article

Fraudsters Abuse Smartphone Google Calendar Feature to Push Through Scam Offers

Latest Mirai Malware Variant Contains 18 Exploits, Focuses on Embedded IoT Devices

Extortion Scam Threatens Website Owners With Reputational Damage

Attack Campaign Exploits CVE-2019-2725, Abuses Certificate Files to Deliver Monero Miner

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Observations of ITG07 Cyber Operations

Getting Quantum Ready and What This Means for Cryptography

HawkEye Malware Operators Renew Attacks on Business Users

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Podcast: Travel Security: Why Data Safety Doesn’t Get a Day Off

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Webinar: Under the Radar: IBM QRadar Demo Series

Webinar: Appliance Networking Topics

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Tag: Dark Web

HawkEye Malware Operators Renew Attacks on Business Users

Dark Web TLS/SSL Certificates Highlight Need for Shift to Zero Trust Security

GlitchPOS Creator Offers Instructional Video to Make Deploying POS Malware Easier

WinPot Malware Uses Slot Machine-Like Interface to Empty ATMs

Easy Does It! A Timely Look Into Fraud TTPs in the Brazilian Financial Cybercrime Landscape

Ransomware-as-a-Service Program Offers Affiliates Up to 75 Percent of Revenue to Spread Infection

Threat Actors Use Delphi Packer to Shield Binaries From Malware Classification

Gazorp Malware Builder Offers Free, Customized AZORult Attacks on the Dark Web

New Malware-as-a-Service Threat Targets Android Phones

7 Ways to Identify Darknet Cybersecurity Risks