In 2018, IBM X-Force researchers observed, for the first time, organized cybercrime groups collaborating rather than competing over turf or even attacking each other.
Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.
The X-Force research team investigated the IcedID Trojan's two-step injection attack that enables it to steal access credentials and payment card data from e-commerce customers in North America.
Researchers discovered a link between four malware families — Ursnif, Emotet, Dridex and BitPaymer — that suggests threat actors may be combining efforts to develop more sophisticated attack vectors.
A weaponized document builder service known as LCG Kit added the ability to use Microsoft Word macros to load the necessary shellcode for installing malware.
The majority of financial cybercrime risks can be mitigated with continued user education and by placing the right controls on user devices to help protect against malware.
Researchers observed the TA505 threat group spreading a previously undocumented remote access Trojan (RAT) called tRaT.
With a corporate culture that supports transparency and human agency, it's possible to maximize the existing benefits of artificial intelligence (AI) while laying the groundwork for the future of AI.
For companies that want to understand what is happening in their networks but lack malware analysis tools, using what is publicly available could be the difference between an infection and a crisis.
Security researchers observed threat actors using a Delphi packer to shield their binaries from malware classification by antivirus and other detection tools.