Malicious Code - Security Intelligence

Security professional working to protect his organization from the SLUB backdoor.

news

SLUB Backdoor Receives Commands From GitHub and Communicates Through Slack

Security researchers have discovered that the new SLUB backdoor is receiving attack commands from GitHub and relying on Slack for communicating with its attackers.

March 12, 2019 | By David Bisson

news

Man making an online purchase on laptop infected with Golang brute-forcer

news

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

Researchers discovered new Trojan malware written in Golang that's targeting e-commerce websites with brute-force attacks.

February 27, 2019 | By David Bisson

news

Businesswoman targeted by a phishing attack looking at a fake Google reCAPTCHA on laptop

news

Phishing Campaign Uses Fake Google reCAPTCHA to Distribute Malware

A recent phishing campaign used a fake Google reCAPTCHA as part of its efforts to target Polish bank employees with malware.

February 26, 2019 | By David Bisson

news

Security professional working on her computer in the office: malvertising

article

What Can Consumers and IT Decision-Makers Do About the Threat of Malvertising?

Malvertising is one more threat that will keep your IT decision-makers up at night, but any company with a protection-first mindset should be able to remain ahead of the curve.

January 21, 2019 | By Mark Stone

article

Illustration of a malicious advertisement on a laptop screen: malvertising

article

How to Defend Against Malvertising Drive-By Attacks

Malvertising — malware delivered by internet advertisements — can infect your computer even if you don't click on it. But there are steps you can take to protect yourself now.

November 27, 2018 | By Grant Gross

article

A man writing code on a desktop computer: PowerShell attack

article

An Increase in PowerShell Attacks: Observations From IBM X-Force IRIS

Since the open source release of the PowerShell framework in 2016, IBM X-Force Incident Response and Intelligence Services (IRIS) has identified an upward trend in malicious PowerShell use.

October 12, 2018 | By Camille Singleton

article

A hand holding a physical representation of a bitcoin: crypto-mining

article

Enterprise Security Lessons From the Crypto-Mining Craze

Recent research has failed to pin down exactly how the current crypto-mining craze is trending, but companies can derive many key enterprise security lessons from the latest headline-grabbing threat.

March 20, 2018 | By Kacy Zurkus

article

A long hallway in a computer-server room.

news

WordPress Sites at Risk From PHP Code Execution

New attacks against unfinished installations of WordPress aim to give attackers admin access and the opportunity to run PHP code.

July 18, 2017 | By Mark Samuels

news

A smartphone with application icons coming out of the screen.

news

New Malware Gets Stronger by Using Real Apps in Banking Attacks

New malware is infiltrating bona fide apps, making banking Trojans harder to detect. Fortunately, it can be shut down if it is detected in time.

July 17, 2017 | By Shane Schick

news

Padlock and credit card on white keyboard

news

Let’s Get Physical: Malicious Script Magecart Expands Impact With Fraudulent Mail Forwarding

Malicious script Magecart is still going strong, allowing threat actors to hire U.S. mules to ship fraudulently purchased goods.

July 13, 2017 | By Douglas Bonderud

news

GlitchPOS Creator Offers Instructional Video to Make Deploying POS Malware Easier

New Mirai Variant Targets Business Presentation and Display Devices

Brute-Force Attack Wave Uses Legacy Protocols, Credential Dumps to Compromise Cloud Accounts

Threat Actors Use Fake Copyright Infringement Notifications in Instagram Hacking Campaign

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Security Considerations for Whatever Cloud Service Model You Adopt

At RSAC 2019, It’s Clear the World Needs More Public Interest Technologists

To Improve Critical Infrastructure Security, Bring IT and OT Together

5 Characteristics of an Effective Incident Response Team: Lessons From the Front Line

The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

Spectre, Meltdown and More: What You Need to Know About Hardware Vulnerabilities

Stranger Danger: X-Force Red Finds 19 Vulnerabilities in Visitor Management Systems

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

X-Force Red in Action: Spotlight on Password Security With Dustin ‘Evil Mog’ Heywood

Podcast: Demystifying the Role of AI in Cybersecurity

Webinar: A Treatment Plan for UEM in Healthcare

Webinar: Cloud IAM: Your Key to Digital Transformation

Webinar: Under the Radar: March Live Webinar and Demo

Cyberattacks and the Airline Industry: The Strategic Threat Landscape

Tag: Malicious Code

SLUB Backdoor Receives Commands From GitHub and Communicates Through Slack

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

Phishing Campaign Uses Fake Google reCAPTCHA to Distribute Malware

What Can Consumers and IT Decision-Makers Do About the Threat of Malvertising?

How to Defend Against Malvertising Drive-By Attacks

An Increase in PowerShell Attacks: Observations From IBM X-Force IRIS

Enterprise Security Lessons From the Crypto-Mining Craze

WordPress Sites at Risk From PHP Code Execution

New Malware Gets Stronger by Using Real Apps in Banking Attacks

Let’s Get Physical: Malicious Script Magecart Expands Impact With Fraudulent Mail Forwarding