Malware - Security Intelligence

According to an annual threat report on IT security issues, chief information security officers should be worried about a rise in attacks on point-of-sale, HTTPS and supervisory control and data acquisition systems from sophisticated cybercriminals.

news

Annual Threat Report: POS, HTTPS and SCADA Attacks on the Rise

An annual threat report on the biggest IT security issues says CISOs should be concerned about cybercriminals hitting POS, SCADA and HTTPS systems.

April 15, 2015 | By Shane Schick

news

Payment card security is at risk from a new type of POS malware, dubbed FighterPOS by Trend Micro. This one-man malware campaign has infected POS systems in Brazil, the United States and other countries. New card standards may be able to help.

news

One-Man POS Malware Campaign Snags Data From More Than 22,000 Payment Cards

A new POS malware family is being used to steal payment card data in Brazil and the United States, according to a recent report from Trend Micro.

April 15, 2015 | By Jaikumar Vijayan

news

According to security researchers, the AlienSpy RAT is deploying the Citadel banking malware in financial institutions and other types of organizations. Experts warn this type of remote-access Trojan may be one of the toughest yet.

news

AlienSpy RAT Spreads Internationally, Evades Antivirus Detection

A research advisory says the AlienSpy RAT is deploying the Citadel malware across financial institutions and stealing data in other organizations.

April 13, 2015 | By Shane Schick

news

Organizations that have a highly skilled threat response team will benefit when security threats emerge. For example, consider how IBM's Managed Security Services threat response team effectively responded to a Waski malware threat last fall.

article

Security Excellence: How an IBM Threat Response Team Took On the Waski Virus

While it's important to have high-quality technology in place, threat response teams can have a dramatic effect on the outcome of a security incident.

April 13, 2015 | By Michael Sanders

article

According to security researchers, a WordPress plugin vulnerability in WP Super Cache could leave more than 1 million sites vulnerable to potential cyberattacks. Fortunately, all users need to do to fend off this threat is upgrade to Version 1.4.4.

news

WordPress Plugin Vulnerability Puts an Estimated 1 Million Sites at Risk of XSS Attacks

A WordPress plugin vulnerability related to WP Super Cache could let cybercriminals create back doors, add new administrators or worse, experts say.

April 13, 2015 | By Shane Schick

news

The Federal Financial Institutions Examinations Council sent out an alert to banks warning them that they are being targeted by malicious malware and credential-stealing attacks. Banks must take certain steps to stay secure from these threats.

news

FFIEC Warns Banks of Malware Attacks, Credential Theft

Banks face serious risk from sophisticated malware and credential-stealing attacks, according to a recent alert from the FFIEC to financial institutions.

April 10, 2015 | By Jaikumar Vijayan

news

CrypVault Ransomware Locks Out PCs, Demands Payment While Stealing Passwords

Researchers say a new strain of ransomware called CrypVault is locking out computer users in a way that resembles antivirus software and demands payment.

April 8, 2015 | By Shane Schick

news

According to a security advisory, a BitTorrent vulnerability may have affected those who use its Sync service. Since the service just came out of beta, the issue was dealt with quickly in order to compete with top players such as Google and Microsoft.

news

BitTorrent Vulnerability Discovered as Sync Service Exits Beta

A research advisory suggests cybercriminals could have exploited a BitTorrent vulnerability to include executable code via URLs in its Sync service.

April 7, 2015 | By Shane Schick

news

A cybercriminal group is reportedly launching malware attacks against energy sector companies around the world to poke around for trade secrets. These probes are focused mostly on the Middle East, but some U.S and U.K. companies have been targeted, too.

news

New Malware Attacks Hunt for Cracks in Energy Sector Defenses

New malware attacks from a cybercriminal group are reportedly being used to find holes in energy sector defenses to gain access to trade secrets.

April 3, 2015 | By Douglas Bonderud

news

"The Dyre Wolf," a new Dyre campign, has stolen more than $1 million from targeted organizations. To keep safe from these types of attacks, organizations must remind their employees of security best practices since human error is a great factor here.

article

The Dyre Wolf Campaign: Stealing Millions and Hungry for More

A new Dyre malware campaign, branded "The Dyre Wolf" by IBM Security researchers, has successfully stolen more than $1 million from targeted organizations.

April 2, 2015 | By John Kuhn

article

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

Google 2FA Approach Turns Android Smartphones Into Security Keys

April Scams May Ruin Plans: Threat Actors Ramp Up for Tax Scam Season

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: Under the Radar: Live Webinar and Demo

Webinar: Facilitating Secure Hybrid Cloud Adoption with Guardium

Tag: Malware

Annual Threat Report: POS, HTTPS and SCADA Attacks on the Rise

One-Man POS Malware Campaign Snags Data From More Than 22,000 Payment Cards

AlienSpy RAT Spreads Internationally, Evades Antivirus Detection

Security Excellence: How an IBM Threat Response Team Took On the Waski Virus

WordPress Plugin Vulnerability Puts an Estimated 1 Million Sites at Risk of XSS Attacks

FFIEC Warns Banks of Malware Attacks, Credential Theft

CrypVault Ransomware Locks Out PCs, Demands Payment While Stealing Passwords

BitTorrent Vulnerability Discovered as Sync Service Exits Beta

New Malware Attacks Hunt for Cracks in Energy Sector Defenses

The Dyre Wolf Campaign: Stealing Millions and Hungry for More