Risk Management April 6, 2023

How to defend against extortion groups like Lapsus$

4 min read - The hacker group Lapsus$ (sometimes referred to as LAPSUS$ or simply Lapsus) is a relatively newer organization in the cyber arena. The group began to garner public attention in December 2021 after some successful attacks on major corporations, where even…

Intelligence & Analytics March 16, 2022

IOCs vs. IOAs — How to Effectively Leverage Indicators

4 min read - Cybersecurity teams are consistently tasked to identify cybersecurity attacks, adversarial behavior, advanced persistent threats and the dreaded zero-day vulnerability. Through this endeavor, there is a common struggle for cybersecurity practitioners and operational teams to appropriately leverage indicators of compromise (IOCs)…

Malware February 24, 2022

New destructive malware used In cyber attacks on Ukraine

8 min read - This post was written with contributions from IBM Security X-Force’s Anne Jobmann, Claire Zaboeva and Richard Emerson. February 25, 2022 Update On February 24 2022, Symantec Enterprise reported a ransomware dubbed as PartyTicket was deployed alongside the HermeticWiper malware. IBM…

Advanced Threats May 14, 2020

X-Force IRIS Overcomes Broken Decryption Mechanism in Jest Ransomware

10 min read - IBM X-Force Incident Response and Intelligence Services (IRIS) recently helped a company fend off a ransomware attack by building a custom decryptor for a strain of ransomware known as "Jest."

Malware May 11, 2020

Zeus Sphinx Back in Business: Some Core Modifications Arise

8 min read - With Zeus Sphinx back in the financial cybercrime arena, IBM X-Force is providing a technical analysis of the Sphinx Trojan's current version, which was first released in the wild in late 2019.

Advanced Threats March 18, 2020

EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan

9 min read - In recent analysis of malicious activity likely targeting entities based in the Middle East, IBM X-Force IRIS discovered a backdoor malware strain we named "EnigmaSpark."

Malware March 12, 2020

PXJ Ransomware Campaign Identified by X-Force IRIS

4 min read - In a recent analysis from IBM's X-Force Incident Response and Intelligence Services (IRIS), our team discovered activity related to a new strain of ransomware known as PXJ ransomware.

Advanced Threats January 8, 2020

From Mega to Giga: Cross-Version Comparison of Top MegaCortex Modifications

9 min read - MegaCortex seems to be looking for ways to improve, and with each version upgrading the previous release's functions, our team took a closer look at some of the highlights.

September 16, 2019

InnfiRAT Malware Skitters Onto Systems, Sinks Teeth Into Cryptocurrency Data

2 min read - The InnfiRAT malware is skittering onto devices and covering its tracks in hopes of grabbing crypto-wallet credentials.

Threat Intelligence May 27, 2019

HawkEye Malware Operators Renew Attacks on Business Users

3 min read - IBM X-Force researchers report an increase in HawkEye v9 keylogger infection campaigns targeting businesses around the world.