IBM X-Force Research – Page 4

Raspberry Robin and Dridex: Two Birds of a Feather

Posted on September 1, 2022 by Kevin Henson

IBM Security Managed Detection and Response (MDR) observations coupled with IBM Security X-Force malware research sheds additional light on the mysterious objectives of the operators behind the Raspberry Robin worm. Based on a comparative analysis between a downloaded Raspberry Robin DLL and a Dridex malware loader, the results show that they are similar in structure […]

The post Raspberry Robin and Dridex: Two Birds of a Feather appeared first on Security Intelligence.

Continue reading Raspberry Robin and Dridex: Two Birds of a Feather→

From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers

Posted on August 18, 2022 by Charlotte Hammond

A comparative analysis performed by IBM Security X-Force uncovered evidence that suggests Bumblebee malware, which first appeared in the wild last year, was likely developed directly from source code associated with the Ramnit banking trojan. This newly discovered connection is particularly interesting as campaign activity has so far linked Bumblebee to affiliates of the threat […]

The post From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers appeared first on Security Intelligence.

Continue reading From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers→

Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High

Posted on August 17, 2022 by Limor Kessem

IBM Security and the Ponemon institute release an annual report known as one the most significant industry benchmarks. The Cost of a Data Breach analysis examines real-world breaches in great detail, producing insights into the factors that impact the cost of cyber-attacks. In the 2022 report just released, the healthcare sector stands out for extremely […]

The post Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High appeared first on Security Intelligence.

Continue reading Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High→

X-Force 2022 Insights: An Expanding OT Threat Landscape

Posted on August 16, 2022 by Mike Worley

This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities. The OT cyber threat landscape […]

The post X-Force 2022 Insights: An Expanding OT Threat Landscape appeared first on Security Intelligence.

Continue reading X-Force 2022 Insights: An Expanding OT Threat Landscape→

Controlling the Source: Abusing Source Code Management Systems

Posted on August 9, 2022 by Brett Hawkins

For full details on this research, see the X-Force Red whitepaper “Controlling the Source: Abusing Source Code Management Systems”. This material is also being presented at Black Hat USA 2022. Source Code Management (SCM) systems play a vital role within organizations and have been an afterthought in terms of defenses compared to other critical enterprise […]

The post Controlling the Source: Abusing Source Code Management Systems appeared first on Security Intelligence.

Continue reading Controlling the Source: Abusing Source Code Management Systems→

What’s New in the 2022 Cost of a Data Breach Report

Posted on July 27, 2022 by John Zorabedian

The average cost of a data breach reached an all-time high of $4.35 million this year, according to newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020.

The post What’s New in the 2022 Cost of a Data Breach Report appeared first on Security Intelligence.

Continue reading What’s New in the 2022 Cost of a Data Breach Report→

Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine

Posted on July 7, 2022 by Ole Villadsen

Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine. Between mid-April and mid-June of 2022 the Trickbot group, tracked by X-Force as ITG23 and […]

The post Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine appeared first on Security Intelligence.

Continue reading Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine→

Countdown to Ransomware: Analysis of Ransomware Attack Timelines

Posted on June 1, 2022 by John Dwyer

This research was made possible through the data collection efforts of Maleesha Perera, Joffrin Alexander, and Alana Quinones Garcia. Key Highlights The average duration of an enterprise ransomware attack reduced 94.34% between 2019 and 2021: 2019: 2+ months — The TrickBot (initial access) to Ryuk (deployment) attack path resulted in a 90% increase in ransomware […]

The post Countdown to Ransomware: Analysis of Ransomware Attack Timelines appeared first on Security Intelligence.

Continue reading Countdown to Ransomware: Analysis of Ransomware Attack Timelines→

Black Basta Besting Your Network?

Posted on May 26, 2022 by Kevin Henson

This post was written with contributions from Chris Caridi and Kat Weinberger. IBM Security X-Force has been tracking the activity of Black Basta, a new ransomware group that first appeared in April 2022. To date, this group has claimed attribution of 29 different victims across multiple industries using a double extortion strategy where the attackers […]

The post Black Basta Besting Your Network? appeared first on Security Intelligence.

Continue reading Black Basta Besting Your Network?→

ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups

Posted on May 19, 2022 by Charlotte Hammond

IBM Security X-Force researchers have continually analyzed the use of several crypters developed by the cybercriminal group ITG23, also known as Wizard Spider, DEV-0193, or simply the “Trickbot Group”. The results of this research, along with evidence gained from the disclosure of internal ITG23 chat logs (“Contileaks”), provide new insight into the connections and cooperation […]

The post ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups appeared first on Security Intelligence.

Continue reading ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups→