Windows - Security Intelligence

Man using a laptop in public that is vulnerable to the WinRAR bug

news

Researchers Uncover Highly Exploitable WinRAR Bug That Puts 500 Million Users at Risk

More than 100 unique exploits of a WinRAR bug have been identified since security researchers discovered a 19-year-old vulnerability in the file compression system.

March 19, 2019 | By Shane Schick

news

Security professional working on a laptop running macOS

news

Malicious Windows EXE Files Infect macOS Users With Infostealers and Adware

Security researchers discovered several Microsoft Windows EXE files using malicious payloads to infect macOS users with infostealers and adware.

February 13, 2019 | By David Bisson

news

Row of ATMs in a bank entrance: ATM attacks

news

KoffeyMaker Toolkit Used in Black Box ATM Attacks Against Eastern European Banks

In 2017 and 2018, threat actors used a toolkit called KoffeyMaker in multiple black box ATM attacks targeting Eastern European financial institutions.

December 14, 2018 | By David Bisson

news

Illustration representing a malware campaign.

news

Threat Actors Combine Windows Utilities in Malware Campaign Targeting Users in Brazil

Researchers observed threat actors impersonating the Brazilian postal service in a malware campaign that combines legitimate Windows files such as WMI and CertUtil to steal banking data.

November 5, 2018 | By Shane Schick

news

A password field on a laptop screen: Agent Tesla

news

New Campaign Uses RTF Files to Drop Agent Tesla Trojan and Other Malware

A new attack campaign is using Rich Text Format (RTF) files to distribute the Agent Tesla Trojan along with other malware.

October 26, 2018 | By David Bisson

news

Illustration of an arm coming out of a laptop screen holding a magnifying glass over Central Asia on a world map: Windows Trojan

news

DustSquad Uses Windows Trojan to Target Central Asian Officials With Octopus Malware

Researchers reported that the Octopus malware is using a Windows Trojan to target political entities based in Central Asia.

October 25, 2018 | By Shane Schick

news

Illustration of computer infected with ransomware: code obfuscation

news

GandCrab Partners With NTCrypt for Code Obfuscation

A new version of GandCrab, another malware security warning. This iteration uses NTCrypt to facilitate code obfuscation and hook more potential victims.

October 19, 2018 | By Douglas Bonderud

news

A man writing code on a desktop computer: PowerShell attack

article

An Increase in PowerShell Attacks: Observations From IBM X-Force IRIS

Since the open source release of the PowerShell framework in 2016, IBM X-Force Incident Response and Intelligence Services (IRIS) has identified an upward trend in malicious PowerShell use.

October 12, 2018 | By Camille Singleton

article

Silver Monero coin on stock market chart background: monero malware

news

Two New Monero Malware Attacks Target Windows and Android Users

Researchers discovered two new monero malware attacks: one that targets Windows with stealthy mining operations, and another that masquerades as a Google Play Store update for Android.

September 17, 2018 | By Douglas Bonderud

news

A magician's hat and a hand holding a wand: TrickBot malware

news

Latest Version of TrickBot Malware Uses Macro-Enabled Word Documents to Deliver New Stealth Code Injection

The latest version of TrickBot malware leverages malicious macros to deliver stealthy code injection, fool users and compromise computers.

August 31, 2018 | By Douglas Bonderud

news

GlitchPOS Creator Offers Instructional Video to Make Deploying POS Malware Easier

New Mirai Variant Targets Business Presentation and Display Devices

Brute-Force Attack Wave Uses Legacy Protocols, Credential Dumps to Compromise Cloud Accounts

Threat Actors Use Fake Copyright Infringement Notifications in Instagram Hacking Campaign

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Security Considerations for Whatever Cloud Service Model You Adopt

At RSAC 2019, It’s Clear the World Needs More Public Interest Technologists

To Improve Critical Infrastructure Security, Bring IT and OT Together

The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

Spectre, Meltdown and More: What You Need to Know About Hardware Vulnerabilities

Stranger Danger: X-Force Red Finds 19 Vulnerabilities in Visitor Management Systems

Cryptojacking Rises 450 Percent as Cybercriminals Pivot From Ransomware to Stealthier Attacks

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

X-Force Red in Action: Spotlight on Password Security With Dustin ‘Evil Mog’ Heywood

Podcast: Demystifying the Role of AI in Cybersecurity

Webinar: Under the Radar: March Live Webinar and Demo

Cyberattacks and the Airline Industry: The Strategic Threat Landscape

Webinar: Crypto Agility: Your Super Power Defense

Webinar: Bridging the Gap Between Privacy and Security: Using Technology to Manage Complex Breach Disclosure Regulations

Tag: Windows

Researchers Uncover Highly Exploitable WinRAR Bug That Puts 500 Million Users at Risk

Malicious Windows EXE Files Infect macOS Users With Infostealers and Adware

KoffeyMaker Toolkit Used in Black Box ATM Attacks Against Eastern European Banks

Threat Actors Combine Windows Utilities in Malware Campaign Targeting Users in Brazil

New Campaign Uses RTF Files to Drop Agent Tesla Trojan and Other Malware

DustSquad Uses Windows Trojan to Target Central Asian Officials With Octopus Malware

GandCrab Partners With NTCrypt for Code Obfuscation

An Increase in PowerShell Attacks: Observations From IBM X-Force IRIS

Two New Monero Malware Attacks Target Windows and Android Users

Latest Version of TrickBot Malware Uses Macro-Enabled Word Documents to Deliver New Stealth Code Injection