Malicious Code - Security Intelligence

Security professional analyzing mobile malware threats

article

What Happens When Malware Sneaks Into Reputable Hardware, Applications and App Stores?

To avoid malware, always get hardware and software from authorized and reputable sources and vendors, right? But what happens when those same sources actually contain or deliver malicious payloads?

April 12, 2019 | By Mike Elgan

article

Security professional working to protect his organization from the SLUB backdoor.

news

SLUB Backdoor Receives Commands From GitHub and Communicates Through Slack

Security researchers have discovered that the new SLUB backdoor is receiving attack commands from GitHub and relying on Slack for communicating with its attackers.

March 12, 2019 | By David Bisson

news

Man making an online purchase on laptop infected with Golang brute-forcer

news

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

Researchers discovered new Trojan malware written in Golang that's targeting e-commerce websites with brute-force attacks.

February 27, 2019 | By David Bisson

news

Businesswoman targeted by a phishing attack looking at a fake Google reCAPTCHA on laptop

news

Phishing Campaign Uses Fake Google reCAPTCHA to Distribute Malware

A recent phishing campaign used a fake Google reCAPTCHA as part of its efforts to target Polish bank employees with malware.

February 26, 2019 | By David Bisson

news

Security professional working on her computer in the office: malvertising

article

What Can Consumers and IT Decision-Makers Do About the Threat of Malvertising?

Malvertising is one more threat that will keep your IT decision-makers up at night, but any company with a protection-first mindset should be able to remain ahead of the curve.

January 21, 2019 | By Mark Stone

article

Illustration of a malicious advertisement on a laptop screen: malvertising

article

How to Defend Against Malvertising Drive-By Attacks

Malvertising — malware delivered by internet advertisements — can infect your computer even if you don't click on it. But there are steps you can take to protect yourself now.

November 27, 2018 | By Grant Gross

article

A man writing code on a desktop computer: PowerShell attack

article

An Increase in PowerShell Attacks: Observations From IBM X-Force IRIS

Since the open source release of the PowerShell framework in 2016, IBM X-Force Incident Response and Intelligence Services (IRIS) has identified an upward trend in malicious PowerShell use.

October 12, 2018 | By Camille Singleton

article

A hand holding a physical representation of a bitcoin: crypto-mining

article

Enterprise Security Lessons From the Crypto-Mining Craze

Recent research has failed to pin down exactly how the current crypto-mining craze is trending, but companies can derive many key enterprise security lessons from the latest headline-grabbing threat.

March 20, 2018 | By Kacy Zurkus

article

A long hallway in a computer-server room.

news

WordPress Sites at Risk From PHP Code Execution

New attacks against unfinished installations of WordPress aim to give attackers admin access and the opportunity to run PHP code.

July 18, 2017 | By Mark Samuels

news

A smartphone with application icons coming out of the screen.

news

New Malware Gets Stronger by Using Real Apps in Banking Attacks

New malware is infiltrating bona fide apps, making banking Trojans harder to detect. Fortunately, it can be shut down if it is detected in time.

July 17, 2017 | By Shane Schick

news

More Than 100 US Businesses Affected by Ryuk Ransomware Since August 2018, Finds FBI

Detections of Dharma Ransomware Rise 148 Percent Between February and April 2019

Malware Campaign Uses MitM Attack to Distribute Plead Backdoor

ScarCruft Threat Group Using Malware to Steal Information From Bluetooth Devices

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Penetration Testing Versus Red Teaming: Clearing the Confusion

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Podcast: ‘You Can Never Have Too Much Encryption’

Podcast: Automating Cyber Resilience Best Practices With Dr. Larry Ponemon

Webinar: Guardium Tech Talk: An Integrated Approach to Data Risk Management

Webinar: The Debrief: Using Tools and Methods From the Intelligence Community to Stop Threats to Your Organization

Webinar: Operational Technology Security in the Age of Digital Transformation

Webinar: Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on the Cyber Resilient Organization

Tag: Malicious Code

What Happens When Malware Sneaks Into Reputable Hardware, Applications and App Stores?

SLUB Backdoor Receives Commands From GitHub and Communicates Through Slack

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

Phishing Campaign Uses Fake Google reCAPTCHA to Distribute Malware

What Can Consumers and IT Decision-Makers Do About the Threat of Malvertising?

How to Defend Against Malvertising Drive-By Attacks

An Increase in PowerShell Attacks: Observations From IBM X-Force IRIS

Enterprise Security Lessons From the Crypto-Mining Craze

WordPress Sites at Risk From PHP Code Execution

New Malware Gets Stronger by Using Real Apps in Banking Attacks