Windows - Security Intelligence

Woman working on a computer: MitM Attack

news

Malware Campaign Uses MitM Attack to Distribute Plead Backdoor

Threat actors have launched a new malware campaign that uses an MitM attack to infect unsuspecting users with the Plead backdoor.

May 15, 2019 | By David Bisson

news

Professional working on a laptop with Bluetooth headphones: ScarCruft

news

ScarCruft Threat Group Using Malware to Steal Information From Bluetooth Devices

An advanced persistent threat (APT) group known as ScarCruft is now using malware to steal information off of Bluetooth devices.

May 14, 2019 | By David Bisson

news

Professional working on a laptop: DLL CryptoMix

news

New DLL CryptoMix Ransomware Reportedly Using Remote Desktop Services for Installation

Security researchers discovered that a new DLL CryptoMix ransomware variant is reportedly using Windows Remote Desktop Services (RDS) to install itself on unsuspecting users' machines.

April 23, 2019 | By David Bisson

news

Security professionals scanning for fileless malware threats

article

How to Defend Your Organization Against Fileless Malware Attacks

Fighting fileless malware attacks will take some serious effort and careful coordination among a variety of tools and techniques.

April 17, 2019 | By David Strom

article

Man using a laptop in public that is vulnerable to the WinRAR bug

news

Researchers Uncover Highly Exploitable WinRAR Bug That Puts 500 Million Users at Risk

More than 100 unique exploits of a WinRAR bug have been identified since security researchers discovered a 19-year-old vulnerability in the file compression system.

March 19, 2019 | By Shane Schick

news

Security professional working on a laptop running macOS

news

Malicious Windows EXE Files Infect macOS Users With Infostealers and Adware

Security researchers discovered several Microsoft Windows EXE files using malicious payloads to infect macOS users with infostealers and adware.

February 13, 2019 | By David Bisson

news

Row of ATMs in a bank entrance: ATM attacks

news

KoffeyMaker Toolkit Used in Black Box ATM Attacks Against Eastern European Banks

In 2017 and 2018, threat actors used a toolkit called KoffeyMaker in multiple black box ATM attacks targeting Eastern European financial institutions.

December 14, 2018 | By David Bisson

news

Illustration representing a malware campaign.

news

Threat Actors Combine Windows Utilities in Malware Campaign Targeting Users in Brazil

Researchers observed threat actors impersonating the Brazilian postal service in a malware campaign that combines legitimate Windows files such as WMI and CertUtil to steal banking data.

November 5, 2018 | By Shane Schick

news

A password field on a laptop screen: Agent Tesla

news

New Campaign Uses RTF Files to Drop Agent Tesla Trojan and Other Malware

A new attack campaign is using Rich Text Format (RTF) files to distribute the Agent Tesla Trojan along with other malware.

October 26, 2018 | By David Bisson

news

Illustration of an arm coming out of a laptop screen holding a magnifying glass over Central Asia on a world map: Windows Trojan

news

DustSquad Uses Windows Trojan to Target Central Asian Officials With Octopus Malware

Researchers reported that the Octopus malware is using a Windows Trojan to target political entities based in Central Asia.

October 25, 2018 | By Shane Schick

news

Many of Baltimore’s City Services Still Offline Two Weeks After Ransomware Attack

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

Phishing Campaign Delivers Multi-Feature, Open-Source Babylon RAT

More Than 100 US Businesses Affected by Ryuk Ransomware Since August 2018, Finds FBI

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Penetration Testing Versus Red Teaming: Clearing the Confusion

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Podcast: ‘You Can Never Have Too Much Encryption’

Podcast: Automating Cyber Resilience Best Practices With Dr. Larry Ponemon

Webinar: Guardium Tech Talk: An Integrated Approach to Data Risk Management

Webinar: The Debrief: Using Tools and Methods From the Intelligence Community to Stop Threats to Your Organization

Webinar: Operational Technology Security in the Age of Digital Transformation

Webinar: Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on the Cyber Resilient Organization

Tag: Windows

Malware Campaign Uses MitM Attack to Distribute Plead Backdoor

ScarCruft Threat Group Using Malware to Steal Information From Bluetooth Devices

New DLL CryptoMix Ransomware Reportedly Using Remote Desktop Services for Installation

How to Defend Your Organization Against Fileless Malware Attacks

Researchers Uncover Highly Exploitable WinRAR Bug That Puts 500 Million Users at Risk

Malicious Windows EXE Files Infect macOS Users With Infostealers and Adware

KoffeyMaker Toolkit Used in Black Box ATM Attacks Against Eastern European Banks

Threat Actors Combine Windows Utilities in Malware Campaign Targeting Users in Brazil

New Campaign Uses RTF Files to Drop Agent Tesla Trojan and Other Malware

DustSquad Uses Windows Trojan to Target Central Asian Officials With Octopus Malware