Malware - Security Intelligence

Man using a laptop infected with Agent Tesla

news

SWEED Threat Actor Uses Typosquatting, UAC Bypasses to Distribute Agent Tesla

Researchers observed a threat actor known as SWEED using typosquatting and UAC bypassing techniques to distribute Agent Tesla and other malware.

July 17, 2019 | By David Bisson

news

Weekly Security News Roundup: Zero-Day Vulnerability Exploited in Buhtrap Attack Campaign

Last week, security researchers identified a zero-day vulnerability that was instrumental in a targeted attack against companies in Eastern Europe.

July 15, 2019 | By David Bisson

news

Security professional analyzing darknet data

article

Take a Proactive Approach to the Darknet Threat

A proactive approach to security and intelligence gathering is the best way to stem the tide of threats and lucrative trading of business-critical data on the darknet.

July 11, 2019 | By Mark Stone

article

Man using a smartphone infected with Anubis Android malware

news

More Than 17,000 Samples of Anubis Android Malware Found on Two Related Servers

Security researchers uncovered more than 17,000 samples of Anubis Android malware stored on two related servers.

July 9, 2019 | By David Bisson

news

Man using a laptop infected with malware by the TA505 threat group.

news

TA505 Delivers New Gelup Malware Tool, FlowerPippi Backdoor Via Spam Campaign

Researchers observed the TA505 threat group using spam campaigns to deliver two new payloads: the Gelup malware tool and the FlowerPippi backdoor.

July 9, 2019 | By David Bisson

news

Woman using a laptop infected with a remote access Trojan (RAT)

article

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

IBM X-Force researchers detected, reverse engineered, reconstructed and simulated a Delphi-based Brazilian remote access Trojan.

July 9, 2019 | By Pavel Asinovsky

article

Man using a laptop infected with the Godlua backdoor.

news

Godlua Backdoor Capable of Performing DDoS Attacks

Both versions of the Godlua backdoor, discovered in late April, are capable of performing distributed denial-of-service (DDoS) attacks, according to a new report.

July 3, 2019 | By David Bisson

news

Woman encountering a remote access Trojan (RAT) on her laptop.

article

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.

July 2, 2019 | By Pavel Asinovsky

article

Security professional working on a computer in the office: Spelevo

news

Attack Campaign Leverages B2B Site to Distribute New Spelevo Exploit Kit

A recent attack campaign leveraged a business-to-business (B2B) website to distribute a new exploit kit named Spelevo.

July 1, 2019 | By David Bisson

news

Woman suffering a cryptocurrency-mining malware attack.

news

Attackers Disperse Cryptocurrency-Mining Malware via a Golang-Based Spreader

Threat actors launched an attack campaign that uses a Golang-based spreader to distribute cryptocurrency-mining malware, according to researchers.

July 1, 2019 | By David Bisson

news

SWEED Threat Actor Uses Typosquatting, UAC Bypasses to Distribute Agent Tesla

UK Government Urges Organizations to Defend Against DNS Hijacking

Telegram, WhatsApp Vulnerability Exposes Media Files to Tampering

Digital Attackers Now Using 16Shop Phishing Kit to Target Amazon Users

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

CISO of Major UK Retailer Weighs in on Enterprise IoT Security

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Threat Intelligence Is the SOC’s Road Map to DNS Security

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

Taking Over the Overlay: Reverse Engineering a Brazilian Remote Access Trojan (RAT)

Podcast: IT’s Eyes and Ears — The Evolving Security Operations Center (SOC)

Podcast: Reducing Third-Party Risk

Podcast: Development Agility and Open-Source Vulnerability Prioritization

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Webinar: Protecting Office365 with IBM Cloud Identity and MaaS360

Webinar: Wandera & IBM Introduce the Next Level of Access Management

Webinar: How to Outmatch Data Security Challenges with Cost-Effective, Practical Strategies

Webinar: Total Recon: See You Online, Richter

Tag: Malware

SWEED Threat Actor Uses Typosquatting, UAC Bypasses to Distribute Agent Tesla

Weekly Security News Roundup: Zero-Day Vulnerability Exploited in Buhtrap Attack Campaign

Take a Proactive Approach to the Darknet Threat

More Than 17,000 Samples of Anubis Android Malware Found on Two Related Servers

TA505 Delivers New Gelup Malware Tool, FlowerPippi Backdoor Via Spam Campaign

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

Godlua Backdoor Capable of Performing DDoS Attacks

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

Attack Campaign Leverages B2B Site to Distribute New Spelevo Exploit Kit

Attackers Disperse Cryptocurrency-Mining Malware via a Golang-Based Spreader