Exploit - Security Intelligence

Security professional working on a computer in the office: Spelevo

news

Attack Campaign Leverages B2B Site to Distribute New Spelevo Exploit Kit

A recent attack campaign leveraged a business-to-business (B2B) website to distribute a new exploit kit named Spelevo.

July 1, 2019 | By David Bisson

news

IT technician working in a data center: BlueKeep

article

How to Patch BlueKeep and Get to Know Your Company’s Critical Assets

In theory, dealing with BlueKeep should be no different from dealing with other vulnerabilities. Unfortunately, many organizations are lagging in their patch management efforts.

June 14, 2019 | By Koen Van Impe

article

A woman using a smart home controller: Mirai malware

news

Latest Mirai Malware Variant Contains 18 Exploits, Focuses on Embedded IoT Devices

Researchers discovered a Mirai malware variant with 18 exploits targeting embedded internet of things (IoT) devices.

June 12, 2019 | By Shane Schick

news

A security professional analyzes code for a Monero miner.

news

Attack Campaign Exploits CVE-2019-2725, Abuses Certificate Files to Deliver Monero Miner

Researchers observed an attack campaign exploiting CVE-2019-2725 and abusing certificate files to deliver a Monero miner.

June 11, 2019 | By David Bisson

news

Woman opening Monero-mining malware on an office computer.

news

Fileless Attack Campaign Leverages PCASTLE to Distribute XMRig Monero-Mining Malware

According to researchers, the fileless attack uses PCASTLE to distribute samples of XMRig, a well-known Monero-mining malware family.

June 11, 2019 | By David Bisson

news

A programmer analyzes computer code for vulnerabilities: blacksquid malware

news

BlackSquid Malware Capable of Abusing 8 Exploits to Install XMRig Monero Miner

The new BlackSquid malware is capable of abusing eight notorious exploits in its attempts to install the XMRig Monero miner.

June 5, 2019 | By David Bisson

news

Woman researching Sodinokibi attacks: ransomware

news

Sodinokibi Ransomware Fixes Scaling Issues, Targets Large Enterprises

Recent variants of Sodinokibi accounted for scaling issues as the ransomware family steadily moves to target large enterprises.

May 28, 2019 | By David Bisson

news

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

Two years since the WannaCry attacks wreaked havoc around the world, researchers say hundreds of thousands of people are being targeted with the EternalBlue exploit on which it was based.

May 21, 2019 | By Shane Schick

news

Professional working on a laptop with Bluetooth headphones: ScarCruft

news

ScarCruft Threat Group Using Malware to Steal Information From Bluetooth Devices

An advanced persistent threat (APT) group known as ScarCruft is now using malware to steal information off of Bluetooth devices.

May 14, 2019 | By David Bisson

news

Security researchers analyzing SAP vulnerabilities.

article

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Researchers published two pieces of exploit code that can allow anyone to interact with an organization's SAP enterprise resource planning platform and perform unauthorized transactions.

May 2, 2019 | By Abby Ross

article

SWEED Threat Actor Uses Typosquatting, UAC Bypasses to Distribute Agent Tesla

UK Government Urges Organizations to Defend Against DNS Hijacking

Telegram, WhatsApp Vulnerability Exposes Media Files to Tampering

Digital Attackers Now Using 16Shop Phishing Kit to Target Amazon Users

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

CISO of Major UK Retailer Weighs in on Enterprise IoT Security

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Threat Intelligence Is the SOC’s Road Map to DNS Security

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

Taking Over the Overlay: Reverse Engineering a Brazilian Remote Access Trojan (RAT)

Podcast: IT’s Eyes and Ears — The Evolving Security Operations Center (SOC)

Podcast: Reducing Third-Party Risk

Podcast: Development Agility and Open-Source Vulnerability Prioritization

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Webinar: Protecting Office365 with IBM Cloud Identity and MaaS360

Webinar: Wandera & IBM Introduce the Next Level of Access Management

Webinar: How to Outmatch Data Security Challenges with Cost-Effective, Practical Strategies

Webinar: Total Recon: See You Online, Richter

Tag: Exploit

Attack Campaign Leverages B2B Site to Distribute New Spelevo Exploit Kit

How to Patch BlueKeep and Get to Know Your Company’s Critical Assets

Latest Mirai Malware Variant Contains 18 Exploits, Focuses on Embedded IoT Devices

Attack Campaign Exploits CVE-2019-2725, Abuses Certificate Files to Deliver Monero Miner

Fileless Attack Campaign Leverages PCASTLE to Distribute XMRig Monero-Mining Malware

BlackSquid Malware Capable of Abusing 8 Exploits to Install XMRig Monero Miner

Sodinokibi Ransomware Fixes Scaling Issues, Targets Large Enterprises

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

ScarCruft Threat Group Using Malware to Steal Information From Bluetooth Devices

Published Exploits for Accessing SAP Systems Put Security Teams on Alert