Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

Since 2017, the IcedID Trojan has received consistent updates that enable it to continue targeting banks and other businesses. Find out what changes were included in the latest major release.

The post Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release appeared first on Security Intelligence.

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The renewed Zeus Sphinx activity that IBM X-Force is seeing features a modified variant targeting online banking users in North America and Australia through the use of maldocs themed around COVID-19.

The post Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy appeared first on Security Intelligence.

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

Our team is closely monitoring TrickBot’s developing capabilities, including its new cross-channel attacks using the TrickMo component.

The post TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany appeared first on Security Intelligence.

EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan

In recent analysis of malicious activity likely targeting entities based in the Middle East, IBM X-Force IRIS discovered a backdoor malware strain we named “EnigmaSpark.”

The post EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan appeared first on Security Intelligence.

New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users

IBM X-Force researchers have discovered a new campaign targeting organizations with fake business emails that deliver NetWire remote-access Trojan (RAT) variants.

The post New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users appeared first on Security Intelligence.

IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites

The X-Force research team investigated the IcedID Trojan’s two-step injection attack that enables it to steal access credentials and payment card data from e-commerce customers in North America.

The post IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites appeared first on Security Intelligence.

The Simpler the Better? Looking Deeper Into the Malware Used in Brazilian Financial Cybercrime

The majority of financial cybercrime risks can be mitigated with continued user education and by placing the right controls on user devices to help protect against malware.

The post The Simpler the Better? Looking Deeper Into the Malware Used in Brazilian Financial Cybercrime appeared first on Security Intelligence.

Phish or Fox? A Penetration Testing Case Study From IBM X-Force Red

The IBM X-Force Red team recently ran into trouble on a black-box penetration testing assignment. Here’s how the testers overcame the obstacles to ultimately establish a solid adversarial operation.

The post Phish or Fox? A Penetration Testing Case Study From IBM X-Force Red appeared first on Security Intelligence.

Threat Actors Prey on Drupalgeddon Vulnerability to Mass-Compromise Websites and Underlying Servers

X-Force observed attackers using known Drupal vulnerabilities, including Drupalgeddon, to target websites and the underlying infrastructure that hosts them, leveraging Shellbot to open backdoors.

The post Threat Actors Prey on Drupalgeddon Vulnerability to Mass-Compromise Websites and Underlying Servers appeared first on Security Intelligence.

IBM X-Force Delves Into ExoBot’s Leaked Source Code

IBM X-Force researchers unpacked ExoBot’s inner workings to reveal insights into its dynamic mechanisms and the features that help criminals use it in cross-channel bank fraud schemes.

The post IBM X-Force Delves Into ExoBot’s Leaked Source Code appeared first on Security Intelligence.
