Malware April 30, 2020 TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam 4 min read - Recent analysis from IBM X-Force spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor.
Advanced Threats April 14, 2020 TA505 Continues to Infect Networks With SDBbot RAT 7 min read - IBM X-Force IRIS recently identified attacks likely linked to Hive0065, also known as TA505, which spread the SDBbot remote-access Trojan (RAT) alongside other custom malware.
Malware March 30, 2020 Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy 7 min read - The renewed Zeus Sphinx activity that IBM X-Force is seeing features a modified variant targeting online banking users in North America and Australia through the use of maldocs themed around COVID-19.
Threat Intelligence February 26, 2020 What’s Old Is New, What’s New Is Old: Aged Vulnerabilities Still in Use in Attacks Today 5 min read - Two vulnerabilities that were reported and patched in 2017 were used in nearly 90 percent of malspam messages in 2019. Why would threat actors use these old, well-known exploits in their attacks?
November 18, 2019 TA2101 Threat Actor Targeted German, Italian and US Organizations With Maze Ransomware 2 min read - Security analysts have observed a relatively new threat actor called TA2101 targeting German, Italian and U.S. organizations with malicious emails carrying samples of Maze ransomware.
September 25, 2019 Zebrocy Malware Receives Updated Downloaders, Backdoor in New Attack Campaign 2 min read - Attackers launched a new campaign that leveraged updated downloaders and a backdoor to distribute samples of the Zebrocy malware family.
August 13, 2019 Sophisticated Dropper Masqueraded as Fake DHL Invoice to Distribute Ursnif Malware 2 min read - Digital attackers took a sophisticated dropper and disguised it as a fake DHL shipping invoice to distribute Ursnif malware.
August 12, 2019 Ursnif Malware Campaign Used Multiple Anti-Analysis Tactics 2 min read - Security researchers came across a new Ursnif malware campaign that used multiple anti-analysis techniques to avoid detection.
July 15, 2019 Weekly Security News Roundup: Zero-Day Vulnerability Exploited in Buhtrap Attack Campaign 3 min read - Last week, security researchers identified a zero-day vulnerability that was instrumental in a targeted attack against companies in Eastern Europe.
Endpoint May 20, 2019 How to Fight Back Against Macro Malware 6 min read - Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?