September 10, 2019

Purple Fox Malware Spread by RIG Exploit Kit Capable of Abusing PowerShell

2 min read - The RIG exploit kit is distributing a new variant of the Purple Fox downloader malware family that's capable of abusing PowerShell.

Advanced Threats August 29, 2019

More_eggs, Anyone? Threat Actor ITG08 Strikes Again

14 min read - X-Force IRIS observed ITG08, which has historically targeted POS machines in the retail and hospitality sectors, injecting malicious code into online checkout pages to steal payment card data.

July 15, 2019

Threat Actors Could Abuse iOS URL Scheme to Undermine User Privacy

2 min read - Threat actors could abuse the iOS URL Scheme to undermine user privacy and stage other attacks with respect to certain vendors' apps.

Application Security June 25, 2019

What Is Threat Modeling and How Does It Impact Application Security?

3 min read - Beyond the obvious benefit of proactively identifying application security incidents, threat modeling gives security leaders opportunities to educate developers and foster a DevSecOps culture.

Application Security June 25, 2019

Why Doxing Is the Dr. Jekyll and Mr. Hyde of Cloud Security

4 min read - It's time for cloud security teams to turn the tables on malicious actors and use doxing — in the form of attacker reconnaissance — to uncover vulnerabilities before they turn into full-blown threats.

June 18, 2019

Outlaw Threat Group Using Botnet to Distribute Monero Miner, Perl-Based Backdoor

2 min read - The Outlaw threat group is using a botnet to distribute a Monero cryptocurrency miner and a Perl-based backdoor component.

June 17, 2019

Threat Actors Use Targeted Attack Tools to Distribute Cryptocurrency Miners, Ransomware

2 min read - Threat actors are using targeted attack tools to distribute typical malware, such as cryptocurrency miners and ransomware.

Endpoint May 20, 2019

How to Fight Back Against Macro Malware

6 min read - Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?

April 29, 2019

New TA505 Phishing Campaign Using LOLBins to Distribute Backdoor Malware

2 min read - A threat actor known as TA505 recently launched a phishing campaign that uses living-of-the-land binaries (LOLBins) to distribute a new backdoor malware.

April 16, 2019

Emotet Variants Hijack Existing Email Conversations to Distribute Malicious Links

2 min read - Researchers observed variants of the Emotet Trojan injecting themselves into existing email conversations as a means of distributing malicious links.