Endpoint January 21, 2019 What Can Consumers and IT Decision-Makers Do About the Threat of Malvertising? 4 min read - Malvertising is one more threat that will keep your IT decision-makers up at night, but any company with a protection-first mindset should be able to remain ahead of the curve.
Endpoint November 27, 2018 How to Defend Against Malvertising Drive-By Attacks 3 min read - Malvertising — malware delivered by internet advertisements — can infect your computer even if you don't click on it. But there are steps you can take to protect yourself now.
Threat Intelligence October 12, 2018 An Increase in PowerShell Attacks: Observations From IBM X-Force IRIS 9 min read - Since the open source release of the PowerShell framework in 2016, IBM X-Force Incident Response and Intelligence Services (IRIS) has identified an upward trend in malicious PowerShell use.
Risk Management March 20, 2018 Enterprise Security Lessons From the Crypto-Mining Craze 3 min read - Recent research has failed to pin down exactly how the current crypto-mining craze is trending, but companies can derive many key enterprise security lessons from the latest headline-grabbing threat.
July 18, 2017 WordPress Sites at Risk From PHP Code Execution 2 min read - New attacks against unfinished installations of WordPress aim to give attackers admin access and the opportunity to run PHP code.
July 17, 2017 New Malware Gets Stronger by Using Real Apps in Banking Attacks 2 min read - New malware is infiltrating bona fide apps, making banking Trojans harder to detect. Fortunately, it can be shut down if it is detected in time.
July 13, 2017 Let’s Get Physical: Malicious Script Magecart Expands Impact With Fraudulent Mail Forwarding 2 min read - Malicious script Magecart is still going strong, allowing threat actors to hire U.S. mules to ship fraudulently purchased goods.
Identity & Access February 9, 2017 Did Your Developer Leave a Website Backdoor? 2 min read - A Dutch developer stole e-commerce customers' login credentials using a website backdoor and admin access that former employers had neglected to revoke.
Software Vulnerabilities September 1, 2016 Anti-ROP: A Moving Target Defense 4 min read - IBM Research — Haifa recently developed a solution that acts like a moving target, randomizing files to safeguard against ROP attacks.
Mainframe August 29, 2016 The Increasing Dangers of Code Hooking 2 min read - Cybercriminals use code hooking to intercept OS function calls to alter or augment their behavior. The technique is becoming more popular and dangerous.