Incident Response February 6, 2023

Why crowdsourced security is devastating to threat actors

4 min read - Almost every day, my spouse and I have a conversation about spam. Not the canned meat, but the number of unwelcomed emails and text messages we receive. He gets several nefarious text messages a day, while I maybe get one…

News November 10, 2021

Phishing-as-a-Service: Research Exposes BulletProofLink Gang

2 min read - It’s a growing trend among attackers to offer their products as a service, just as regular companies do. In September, Microsoft researchers found that the BulletProofLink phishing-as-a-service (PhaaS) enterprise was taking this to the next level. It comes with over…

Advanced Threats October 6, 2021

Phishing Attacks Are Top Cyber Crime Threat, Easier Than Ever to Create and Deploy

4 min read - Why is one of cyber crime’s oldest threats still going strong? The Anti-Phishing Working Group (APWG) reports that January 2021 marked an unprecedented high in the APWG’s records, with over 245,771 phishing attacks in one month. IBM X-Force’s 2021 Threat…

News June 21, 2021

New Buer Malware Loader Spread Through DHL Scam Email

2 min read - Digital attackers are using fake DHL shipping emails to trick recipients into opening a malicious Microsoft Office document. According to Proofpoint, the DHL scam email leads to an infection of ‘RustyBuer,’ a new variant of the Buer Loader malware family…

August 5, 2020

Users Beware: Spotting a Microsoft Renewal Scam

3 min read - A novel scam began when a user received an email impersonating a notification from Microsoft, Abnormal Security observed on Friday, July 17. The scam arrived after Microsoft had recently taken several steps to deter scammers. Security professionals should be aware of…

X-Force July 7, 2020

COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program

6 min read - IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity shift over time. In February, cybercriminals were focusing on Asia, and we…

News July 6, 2020

.CRIMSON Ransomware Module Shipped With Java STRRAT

2 min read - In recent malware news, security researchers discovered a malware strain called “STRRAT” that shipped with the .CRIMSON ransomware module. STRRAT wasn’t the only new malware threat making headlines. Security researchers also uncovered a new threat that modified the Discord client…

Intelligence & Analytics July 1, 2020

How Growing Businesses Should Tackle Cybersecurity Challenges

3 min read - When we think about the most public cyber attacks and data breaches, we generally associate them with large enterprises. The truth is cyber attacks are not limited by company size. A significant cyber attack can happen to any company, in…

Malware April 30, 2020

TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam

4 min read - Recent analysis from IBM X-Force spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor.

Advanced Threats April 23, 2020

New Study Shows Consumers Could Be Vulnerable to COVID-19 Spam

5 min read - Since March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19 spam, with lures ranging the full gamut of challenges and concerns facing individuals.