Threat Actors Use Malspam Campaign to Target Italian Users With sLoad Downloader
Security researchers identified a malspam campaign targeting Italian users with a variant of the sLoad downloader.
FakeSpy And XLoader Mobile Malware May Come From Yanbian Gang
Security researchers revealed that two mobile malware threats, Xloader and FakeSpy, may have been developed and launched by the same cybercriminal group.
Sofacy Group Targets Government Organizations With New Cannon Trojan
The Sofacy group recently targeted several government organizations around the world with the new Cannon Trojan.
Phish or Fox? A Penetration Testing Case Study From IBM X-Force Red
The IBM X-Force Red team recently ran into trouble on a black-box penetration testing assignment. Here's how the testers overcame the obstacles to ultimately establish a solid adversarial operation.
Cyber Monday 2018: 5 Best Practices to Protect Consumer Data
Cyber Monday 2018 is just around the corner, and customers and malicious actors alike are gearing up. Is your retail security ready to tackle e-commerce fraud and improve consumer data protection?
Easy Does It! A Timely Look Into Fraud TTPs in the Brazilian Financial Cybercrime Landscape
In this first article of a two-part series, IBM X-Force exposes some of its research on the typical malware and tactics, techniques and procedures (TTPs) used in Brazilian financial cybercrime.
How to Stay One Step Ahead of Phishing Websites — Literally
Ahead-of-threat detection enables security professionals and consumers to identify potential phishing websites faster than traditional browser protection apps can blacklist active cyberthreats.
Threat Actors Exploit Equation Editor to Distribute Hawkeye Keylogger
A recent Hawkeye keylogger campaign leveraged an old Microsoft Office Equation Editor vulnerability to steal user credentials, passwords and clipboard content.
New Cobalt Gang PDF Attack Avoids Traditional Static Analysis Tools
A PDF attack campaign conducted by the Cobalt Gang used a specially crafted document to evade dection by static analysis tools.
How Tomer Agayev Fights Financial Fraud With Curiosity and Suspicion
As threat research team lead at Trusteer, Tomer guards the gateway to both known and unknown threats and passes along his insights to help banking customers protect themselves from social engineering.