JavaScript - Security Intelligence

Two security professionals discussing a Shade ransomware infection

news

Shade Ransomware Campaign Compromises at Least 500 WordPress and Joomla Websites

Security researchers discovered a hidden HTTP directory that is allowing threat actors to install Shade ransomware on WordPress and Joomla websites.

April 3, 2019 | By Shane Schick

news

Woman using computer infected with Shade ransomware

news

Threat Actors Impersonate Oil and Gas Companies in Latest Shade Ransomware Attack

Digital criminals tried to impersonate oil and gas companies in a recent attack campaign distributing Shade ransomware.

February 20, 2019 | By David Bisson

news

Woman shopping online with her credit card: JavaScript attack

news

Magecart Group’s Use of Credit Card-Skimming JavaScript Attack on the Rise

An online retailer was hit by a JavaScript attack from a group associated with Magecart, a collective of cybercriminals that specializes in skimming credit card numbers from compromised websites.

December 14, 2018 | By Shane Schick

news

news

Popular JavaScript Library for Node.JS Infected With Malware to Empty Bitcoin Wallets

For several months, a version of a popular JavaScript library for Node.js contained malicious code that enabled digital attackers to compromise users' bitcoin wallets.

December 11, 2018 | By David Bisson

news

Illustration of a syringe injecting red liquid into a computer monitor: watering hole campaign

news

OceanLotus Watering Hole Campaign Compromises 21 High-Profile Southeast Asian Websites

A watering hole campaign that has been active in Southeast Asia since September has compromised at least 21 websites, including government and media domains.

November 29, 2018 | By Shane Schick

news

Many CPUs facilitating crypto-mining malware.

news

Threat Actors Obfuscate JavaScript to Hide Crypto-Mining Malware

Cybercriminals buried crypto-mining malware inside compromised websites in an effort to hijack victims' computing resources.

October 17, 2018 | By Shane Schick

news

Cacti in an open field: fileless malware

news

Fileless Malware CactusTorch Executes Harmful .NET Assemblies From Memory

Security researchers observed CactusTorch, a fileless malware, using a .NET executable to run harmful .NET assemblies from memory.

August 9, 2018 | By David Bisson

news

A woman checking her email on a desktop computer.

article

Analyzing PDF and Office Documents Delivered Via Malspam

Endpoint detection and antiphishing tools can help users filter basic spam email, but detecting malspam in PDF and Microsoft Office documents requires a more thorough investigation.

May 1, 2018 | By Koen Van Impe

article

Seashells and coins on a desktop computer keyboard.

news

What the Shell? New Security Breach Uses CHM Files to Cover Banking Trojans

A new banking Trojan is using old PowerShell tricks to hide its activity from detection tools by continually launching malicious CHM files.

October 10, 2017 | By Douglas Bonderud

news

Stock market application displayed on a mobile phone.

news

Mobile Stock Trading Apps Vulnerable to Attack

Over 20 mobile apps commonly used for stock trading are not very secure, according to recent security research.

September 28, 2017 | By Larry Loeb

news

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

Google 2FA Approach Turns Android Smartphones Into Security Keys

April Scams May Ruin Plans: Threat Actors Ramp Up for Tax Scam Season

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: Under the Radar: Live Webinar and Demo

Webinar: Facilitating Secure Hybrid Cloud Adoption with Guardium

Tag: JavaScript

Shade Ransomware Campaign Compromises at Least 500 WordPress and Joomla Websites

Threat Actors Impersonate Oil and Gas Companies in Latest Shade Ransomware Attack

Magecart Group’s Use of Credit Card-Skimming JavaScript Attack on the Rise

Popular JavaScript Library for Node.JS Infected With Malware to Empty Bitcoin Wallets

OceanLotus Watering Hole Campaign Compromises 21 High-Profile Southeast Asian Websites

Threat Actors Obfuscate JavaScript to Hide Crypto-Mining Malware

Fileless Malware CactusTorch Executes Harmful .NET Assemblies From Memory

Analyzing PDF and Office Documents Delivered Via Malspam

What the Shell? New Security Breach Uses CHM Files to Cover Banking Trojans

Mobile Stock Trading Apps Vulnerable to Attack