SMS - Security Intelligence

Man speaking on phone while holding a laptop: tech support scams

news

Fraudsters Sending Email, SMS Messages Linked to Tech Support Scams Hosted on the Cloud

Digital fraudsters are sending out emails and SMS messages that link to tech support scams hosted on popular cloud platforms.

May 8, 2019 | By David Bisson

news

Woman using two-factor authentication on her phone to log in to computer

news

New Reverse Proxy Tool Can Bypass Two-Factor Authentication and Automate Phishing Attacks

A new reverse proxy tool called Modlishka can easily automate phishing attacks and bypass two-factor authentication (2FA) — and it's available for download on GitHub.

January 15, 2019 | By Douglas Bonderud

news

Android Trojan malware infects a mobile device

news

GPlayed Android Trojan Imitates Google Apps to Spy On and Steal Data From Victims

Researchers uncovered an adaptable Android Trojan known as GPlayed that masquerades as Google Apps to spy on and steal information from victims.

October 23, 2018 | By David Bisson

news

A man holds a smartphone: mobile security

news

How a 40-Year-Old Mobile Security Flaw Puts Consumers at Risk

A decades-old mobile security flaw resurfaced in recent weeks after a U.S. senator reported that cybercriminals exploited the Signaling System 7 (SS7) protocol to breach a mobile carrier.

June 27, 2018 | By Grant Gross

news

Hands pushing buttons on a smartphone in front of a computer keyboard.

news

Google Advances Two-Step Verification

Google is changing how it does two-step verification by replacing one-time SMS codes with new features and login protocols.

July 18, 2017 | By Larry Loeb

news

Any good defense against attacks related to SMS authentication starts with strong password guidelines and mobile security practices. Two-factor authentication is still better than the old username/password system, but users should explore options.

article

What’s Wrong With SMS Authentication? Two IBM Experts Weigh In on the NIST Recommendation

IBM experts Dustin Hoff and Ashish Malhotra discussed ways for businesses and end users to mitigate security issues stemming from SMS authentication.

September 7, 2016 | By Laurène Hummer

article

Mobile wallets are supposed to be secure in their own right, but when combined with certain device features they could be exploited by cybercriminals. That was the case with a recent research discovery regarding Venmo and SMS messages.

news

Venmo Wallet Can Be Drained by SMS Use

A security researcher recently discovered how the popular mobile wallet Venmo can be hacked using SMS text messages and certain iOS quirks.

August 5, 2016 | By Larry Loeb

news

Attackers simply repurpose all or part of a phishing email, fire it off to random numbers and see who bites. Typically these messages contain a shortened URL link that directs to an official-looking page asking users to verify banking information.

news

New SMS Phishing Campaigns Spotted: Attackers Bobbing for Apples?

The latest targets of SMS phishing are iOS users. In fact, more than 7,500 users who clicked on a malicious link fell victim to a recent smishing attack.

August 1, 2016 | By Douglas Bonderud

news

Companies recognize the value of SMS two-factor authentication, since passwords alone are no longer enough to secure user accounts and protect businesses in the event of malicious data loss. However, SMS two-factor authentication may not be so secure.

news

SMS Two-Factor Authentication: Time to Trash the Text?

Just like software or network defense, cybercriminals have found ways to circumvent and compromise SMS two-factor authentication.

July 28, 2016 | By Douglas Bonderud

news

Risk detection should identify the openings through which malware attempts to access sensitive data. Financial institutions need to step up their game by examining malware's three-part infection cycle, or they will never see it coming.

article

Is Your Risk Engine Shortsighted? Improve Its Vision With a Holistic View

A firm can face a malware breach if its risk engine does not see every stage of an attack, as one bank recently discovered.

March 19, 2013 | By George Tubin

article

Free Decryption Tool Enables Victims of GandCrab Ransomware to Recover Their Files

Outlaw Threat Group Using Botnet to Distribute Monero Miner, Perl-Based Backdoor

InterPlanetary Storm Malware Using IPFS P2P Network to Hide Its Activities

Threat Actors Use Targeted Attack Tools to Distribute Cryptocurrency Miners, Ransomware

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control

One Big Lesson From the Cyber Range to Help Solve Confirmation Bias

Observations of ITG07 Cyber Operations

Getting Quantum Ready and What This Means for Cryptography

Podcast: Development Agility and Open-Source Vulnerability Prioritization

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Podcast: Travel Security: Why Data Safety Doesn’t Get a Day Off

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Webinar: Under the Radar: IBM QRadar Demo Series

Webinar: Appliance Networking Topics

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Tag: SMS

Fraudsters Sending Email, SMS Messages Linked to Tech Support Scams Hosted on the Cloud

New Reverse Proxy Tool Can Bypass Two-Factor Authentication and Automate Phishing Attacks

GPlayed Android Trojan Imitates Google Apps to Spy On and Steal Data From Victims

How a 40-Year-Old Mobile Security Flaw Puts Consumers at Risk

Google Advances Two-Step Verification

What’s Wrong With SMS Authentication? Two IBM Experts Weigh In on the NIST Recommendation

Venmo Wallet Can Be Drained by SMS Use

New SMS Phishing Campaigns Spotted: Attackers Bobbing for Apples?

SMS Two-Factor Authentication: Time to Trash the Text?

Is Your Risk Engine Shortsighted? Improve Its Vision With a Holistic View