The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

In 2018, IBM X-Force researchers observed organized cybercrime groups collaborating, rather than competing over turf or even attacking each other, for the first time.

The post The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018 appeared first on Security Intelligence.

Tricks and COMfoolery: How Ursnif Evades Detection

Ursnif is one of the main threats that is effectively evading detection right now (at publication). The dropper uses a COM technique to hide its process parentage. WMI is used to bypass a Windows Defender attack surface reduction rule. Fast evolution of d…

Fake Court summonses, Judgements, Subpoenas delivering malware

Starting yesterday evening and continuing steadily all day so far today, we saw what was supposed to be a malspam campaign with a lure of court summonses. None of the links I followed actually delivered any malware but did instead lead to a zip file t…

Urgent to all residents of the building email delivers Ursnif

We are seeing a fairly large Ursnif/Gozi/ISFB campaign hitting the UK since yesterday. Earlier we saw a Brexit theme and now we are seeing emergency exit notices. The subject this time is consistent in all versions: “Urgent to all residents of …

Ursnif campaign hitting UK imitating well known companies

We are seeing an Ursnif/Gozi/ISFB campaign hitting the UK since yesterday. I was first alerted by this Twitter post. I started to investigate quickly last night and several much better researchers and analysts have taken over and found much more deta…

Q1 2018 Results: Gozi (Ursnif) Takes Larger Piece of the Pie and Distributes IcedID

Gozi took a larger slice of the financial malware pie and became the most active banking Trojan in 2017, according to the IBM X-Force Threat Intelligence Index 2018.

The post Q1 2018 Results: Gozi (Ursnif) Takes Larger Piece of the Pie and Distributes IcedID appeared first on Security Intelligence.

2018 IBM X Force Report: Shellshock Fades, Gozi Rises and Insider Threats Soar

The latest IBM X-Force report highlighted threats stemming from misconfigured cloud servers and inadvertent insider negligence and examined malware trends from 2017 that could continue into 2018.

The post 2018 IBM X Force Report: Shellshock Fades, Gozi Rises and Insider Threats Soar appeared first on Security Intelligence.
