Intelligence & Analytics June 6, 2023

ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK)

7 min read - In late April 2023, IBM Security X-Force uncovered documents that are most likely part of a phishing campaign mimicking credible senders, orchestrated by a group X-Force refers to as ITG10, and aimed at delivering RokRAT malware, similar to what has…

Cloud Security April 4, 2023

New Generation of Phishing Hides Behind Trusted Services

4 min read - The days when email was the main vector for phishing attacks are long gone. Now, phishing attacks occur on SMS, voice, social media and messaging apps. They also hide behind trusted services like Azure and AWS. And with the expansion…

Risk Management August 25, 2022

Black Hat SEO: Is Someone Phishing With Your Site Domain?

5 min read - Search engine optimization (SEO) is a long game. Improving your website to rank higher on search engine results pages helps you attract more traffic. Plus, it helps build a trustworthy reputation. But, some people want to take shortcuts by using…

News July 6, 2022

Bulk Email Theft May Point to Russian Espionage

2 min read - Cybersecurity researchers recently identified a threat group with a possible Russian connection that targets corporate email environments. At first, the researchers thought the UNC3524 gang mostly sought money, as do many ransomware attacks. A deeper look at the group’s actions,…

News June 15, 2022

Cyber Threats Target US Election Officials With Phishing Campaign

2 min read - On March 29, the FBI warned of an ongoing and widespread phishing campaign targeting U.S. election officials. Using false invoice inquiries and breached email accounts, attackers have attempted to steal officials’ login credentials in at least nine states since October…

Data Protection April 28, 2022

What Are the Biggest Phishing Trends Today?

4 min read - According to the 2022 X-Force Threat Intelligence Index, phishing was the most common way that cyber criminals got inside an organization. Typically, they do so to launch a much larger attack such as ransomware. The Index also found that phishing…

Malware April 26, 2022

Hive0117 Continues Fileless Malware Delivery in Eastern Europe

4 min read - Through continued research into the ongoing cyber activity throughout Eastern Europe, IBM Security X-Force identified a phishing email campaign by Hive0117, likely a financially motivated cybercriminal group, from February 2022, designed to deliver the fileless malware variant dubbed DarkWatchman. The…

Zero Trust February 23, 2022

Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022

7 min read - For the third year in a row, ransomware was the top attack type globally in 2021, despite some successes last year by law enforcement to take down ransomware groups. This was among the top findings of IBM Security’s latest research…

News November 3, 2021

Phishing: Attackers Use DocuSign to Send Malicious Links

2 min read - Attackers are abusing the electronic agreement management company DocuSign to send phishing links and documents. Inside the Phishing Attempt First, a malicious actor registers a free account with DocuSign or compromises another user’s account. They then upload a file to…

Advanced Threats October 14, 2021

How to Report Scam Calls and Phishing Attacks

5 min read - With incidents such as the Colonial Pipeline infection and the Kaseya supply chain attack making so many headlines these days, it can be easy to forget that malicious actors are still preying on individual users. They’re not using ransomware to…