Category Archives: IBM X-Force Incident Response and Intelligence Services (IRIS)

WannaCry: How the Widespread Ransomware Changed Cybersecurity

Posted on by

If I had polled cybersecurity experts on their way to work on May 12, 2017, most of them would have said they knew a major cybersecurity event loomed. Yet, on that day no one expected that they were walking into the perfect storm — in the form of WannaCry ransomware, the most damaging cyberattack to […]

The post WannaCry: How the Widespread Ransomware Changed Cybersecurity appeared first on Security Intelligence.

Continue reading WannaCry: How the Widespread Ransomware Changed Cybersecurity

Ransomware 2020: Attack Trends Affecting Organizations Worldwide

Posted on by

Ransomware is one of the most intractable — and common — threats facing organizations across all industries and geographies. And, incidents of ransomware attacks continue to rise. Meanwhile, ransomware threat actors are adjusting their attack model to adapt to improvements that organizations are making to recover from these attacks. As of September 2020, one in […]

The post Ransomware 2020: Attack Trends Affecting Organizations Worldwide appeared first on Security Intelligence.

Continue reading Ransomware 2020: Attack Trends Affecting Organizations Worldwide

Deciphering Between Incident Management and Crisis Management

Posted on by

Cyber threats come in many forms and can severely impact business operations, brand reputation, financial standing and even lead to a lawsuit. Organizations must prepare to respond and manage cyber events at different organizational levels to limit their damage and accelerate recovery. Most businesses focus on incident management or crisis management to react to cyber […]

The post Deciphering Between Incident Management and Crisis Management appeared first on Security Intelligence.

Continue reading Deciphering Between Incident Management and Crisis Management

New Research Exposes Iranian Threat Group Operations

Posted on by

IBM X-Force Incident Response Intelligence Services (IRIS) has uncovered rare details on the operations of the suspected Iranian threat group ITG18, which overlaps with Charming Kitten and Phosphorous. In the past few weeks, ITG18 has been associated with targeting of  pharmaceutical companies and the U.S. presidential campaigns. Now, due to operational errors—a basic misconfiguration—by suspected […]

The post New Research Exposes Iranian Threat Group Operations appeared first on Security Intelligence.

Continue reading New Research Exposes Iranian Threat Group Operations

COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program

Posted on by

IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity shift over time. In February, cybercriminals were focusing on Asia, and we observed threat actors targeting potential victims in Japan with coronavirus-related phishing lures. In mid-March and […]

The post COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program appeared first on Security Intelligence.

Continue reading COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program

Multifactor Authentication: The Next Battleground

Posted on by

X-Force Incident Response and Intelligence Services (IRIS) has responded to multiple security incidents where multifactor authentication (MFA) was not implemented—but where implementing MFA might have significantly reduced the impact of the incident. Such incidents have even included destructive malware attacks, resulting in millions of dollars in losses and the irreversible destruction of thousands of machines on the network. […]

The post Multifactor Authentication: The Next Battleground appeared first on Security Intelligence.

Continue reading Multifactor Authentication: The Next Battleground

How Threat Actors Are Adapting to the Cloud

Posted on by

With organizations increasingly moving to cloud environments, cloud security is more critical than ever. Cloud environments often hold large troves of valuable and sensitive data that can put organizations and their customers at risk if they are breached. At the same time, many organizations are still discovering best practices surrounding cloud security and incident response. […]

The post How Threat Actors Are Adapting to the Cloud appeared first on Security Intelligence.

Continue reading How Threat Actors Are Adapting to the Cloud

X-Force IRIS Overcomes Broken Decryption Mechanism in Jest Ransomware

Posted on by

IBM X-Force Incident Response and Intelligence Services (IRIS) recently helped a company fend off a ransomware attack by building a custom decryptor for a strain of ransomware known as “Jest.”

The post X-Force IRIS Overcomes Broken Decryption Mechanism in Jest Ransomware appeared first on Security Intelligence.

Continue reading X-Force IRIS Overcomes Broken Decryption Mechanism in Jest Ransomware

SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT

Posted on by

As the ongoing COVID-19 pandemic impacts small businesses in the U.S., cybercriminals are trusting that people will be more likely to open unsolicited emails purporting to come from relevant entities.

The post SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT appeared first on Security Intelligence.

Continue reading SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT

TA505 Continues to Infect Networks With SDBbot RAT

Posted on by

IBM X-Force IRIS recently identified attacks likely linked to Hive0065, also known as TA505, which spread the SDBbot remote-access Trojan (RAT) alongside other custom malware.

The post TA505 Continues to Infect Networks With SDBbot RAT appeared first on Security Intelligence.

Continue reading TA505 Continues to Infect Networks With SDBbot RAT