Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan

IBM X-Force has identified a spam campaign targeting users in Japan that employs the Coronavirus scare as a lure to encourage people to open malicious emails.

The post Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan appeared first on Security Intelligence.

Continue reading Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan

CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil

Recent CamuBot activity resurfaced exactly one year after IBM X-Force researchers made the initial discovery of this malware in September 2018.

The post CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil appeared first on Security Intelligence.

Continue reading CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil

New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users

IBM X-Force researchers have discovered a new campaign targeting organizations with fake business emails that deliver NetWire remote-access Trojan (RAT) variants.

The post New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users appeared first on Security Intelligence.

Continue reading New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users

Enter Dustman: New Wiper Takes After ZeroCleare, Targets Organizations in Saudi Arabia

To understand the similarities between ZeroCleare and Dustman, IBM X-Force researchers took a closer look at their code and the files being used in attacks.

The post Enter Dustman: New Wiper Takes After ZeroCleare, Targets Organizations in Saudi Arabia appeared first on Security Intelligence.

Continue reading Enter Dustman: New Wiper Takes After ZeroCleare, Targets Organizations in Saudi Arabia

TP-Link Archer Router Vulnerability Voids Admin Password, Can Allow Remote Takeover

If exploited, this router vulnerability can allow a remote attacker to take control of the router’s configuration without authentication, putting personal and business data at risk.

The post TP-Link Archer Router Vulnerability Voids Admin Password, Can Allow Remote Takeover appeared first on Security Intelligence.

Continue reading TP-Link Archer Router Vulnerability Voids Admin Password, Can Allow Remote Takeover

Clone or Swap? SIM Card Vulnerabilities to Reckon With

SIM card vulnerabilities leave organizations exposed to SIM swapping and SIM cloning attacks. IBM X-Force findings from dark web analysis suggest these threats are not slowing down anytime soon.

The post Clone or Swap? SIM Card Vulnerabilities to Reckon With appeared first on Security Intelligence.

Continue reading Clone or Swap? SIM Card Vulnerabilities to Reckon With

Leading Magecart Group Targeting Captive Wi-Fi Users via L7 Routers

According to IBM X-Force IRIS, Magecart Group 5 is likely testing malicious code designed for injection into benign JavaScript files loaded by commercial-grade L7 routers.

The post Leading Magecart Group Targeting Captive Wi-Fi Users via L7 Routers appeared first on Security Intelligence.

Continue reading Leading Magecart Group Targeting Captive Wi-Fi Users via L7 Routers

Why Fraudsters Are Flying High on Airline Loyalty Programs

Reading Time: 6 minutes While the value of airline loyalty programs and the customers they serve is well-established, protecting these assets with security controls needs to be more than an afterthought.

The post Why Fraudsters Are Flying High on Airline Loyalty Programs appeared first on Security Intelligence.

Continue reading Why Fraudsters Are Flying High on Airline Loyalty Programs

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

IBM X-Force researchers detected, reverse engineered, reconstructed and simulated a Delphi-based Brazilian remote access Trojan.

The post Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT) appeared first on Security Intelligence.

Continue reading Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.

The post Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)? appeared first on Security Intelligence.

Continue reading Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?