The X-Force research team investigated the IcedID Trojan's two-step injection attack that enables it to steal access credentials and payment card data from e-commerce customers in North America.
IBM X-Force researchers discovered that BackSwap, a banking Trojan that had previously only targeted Polish banks, now has its sights set on six banks in Spain.
TrickBot is getting in on the cryptocurrency gold rush, expanding its operations to target digital wallets and exchanges using serverside injections and other malicious tactics.
IBM X-Force identified a new Trojan, dubbed IcedID, that uses advanced browser manipulation tactics to target financial institutions in the U.S. and U.K.
IBM X-Force Research discovered a new variant of Zberp that evades API threat detection tools using a code injection technique it borrowed from Carberp.
To protect students, parents and teachers from data theft, academic institutions must adopt comprehensive strategies to mitigate command injection attacks.
XSS is a prevalent web-based exploit in which threat actors inject malicious code into webpages to compromise data or facilitate phishing scams.
Amid a period of targetless activity, IBM X-Force researchers are wondering where the operators behind the Zeus Sphinx Trojan are planning to strike next.
Suppliers offering cybercrime-as-a-service on the Dark Web are helping organized groups achieve more effective bank fraud schemes.
IBM Security X-Force researchers have discovered instances of the Kronos banking Trojan and Zeus Sphinx malware being used by cybercriminals in the wild.