Incident Response February 6, 2023

Why Crowdsourced Security is Devastating to Threat Actors

4 min read - Almost every day, my spouse and I have a conversation about spam. Not the canned meat, but the number of unwelcomed emails and text messages we receive. He gets several nefarious text messages a day, while I maybe get one…

Advanced Threats October 6, 2021

Phishing Attacks Are Top Cyber Crime Threat, Easier Than Ever to Create and Deploy

4 min read - Why is one of cyber crime’s oldest threats still going strong? The Anti-Phishing Working Group (APWG) reports that January 2021 marked an unprecedented high in the APWG’s records, with over 245,771 phishing attacks in one month. IBM X-Force’s 2021 Threat…

Identity & Access September 21, 2021

Identity Management Beyond the Acronyms: Which Is Best for You?

3 min read - With so many devices and users accessing networks, applications and data, identity access management (IAM) has become a cornerstone of cybersecurity best practices. The short explanation is that you must make sure everyone (and everything) is who they claim they…

October 1, 2020

Thanos Ransomware Variant Fails to Overwrite MBR on Infected Devices

2 min read - A new variant of the Thanos ransomware family failed to overwrite the Master Boot Record (MBR) on infected devices despite being configured to do so. Researchers detected it in June 2020, when an attack against two organizations in the Middle…

Advanced Threats July 7, 2020

COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program

6 min read - IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity shift over time. In February, cybercriminals were focusing on Asia, and we…

Zero Trust May 15, 2020

What the Data Is Telling Us About the Current Rise in Security Threats During the COVID-19 Pandemic

5 min read - IBM X-Force Research has been seeing a significant number of new malicious domains related to COVID-19 appear in the wild since late February 2020, based on Quad 9 data.

Malware April 30, 2020

TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam

4 min read - Recent analysis from IBM X-Force spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor.

Government April 27, 2020

SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT

5 min read - As the ongoing COVID-19 pandemic impacts small businesses in the U.S., cybercriminals are trusting that people will be more likely to open unsolicited emails purporting to come from relevant entities.

Advanced Threats April 23, 2020

New Study Shows Consumers Could Be Vulnerable to COVID-19 Spam

5 min read - Since March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19 spam, with lures ranging the full gamut of challenges and concerns facing individuals.

Malware March 30, 2020

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

7 min read - The renewed Zeus Sphinx activity that IBM X-Force is seeing features a modified variant targeting online banking users in North America and Australia through the use of maldocs themed around COVID-19.