Category Archives: Indicator of Compromise (IoC)

New Fakext malware targets Latin American banks

Posted on by

Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges […]

The post New Fakext malware targets Latin American banks appeared first on Security Intelligence.

Continue reading New Fakext malware targets Latin American banks

How to Defend Against Extortion Groups Like Lapsus$

Posted on by

The hacker group Lapsus$ (sometimes referred to as LAPSUS$ or simply Lapsus) is a relatively newer organization in the cyber arena. The group began to garner public attention in December 2021 after some successful attacks on major corporations, where even the Department of Homeland Security felt it necessary to spend more time researching this group […]

The post How to Defend Against Extortion Groups Like Lapsus$ appeared first on Security Intelligence.

Continue reading How to Defend Against Extortion Groups Like Lapsus$

IOCs vs. IOAs — How to Effectively Leverage Indicators

Posted on by

Cybersecurity teams are consistently tasked to identify cybersecurity attacks, adversarial behavior, advanced persistent threats and the dreaded zero-day vulnerability. Through this endeavor, there is a common struggle for cybersecurity practitioners and operational teams to appropriately leverage indicators of compromise (IOCs) and indicators of attack (IOAs) for an effective monitoring, detection and response strategy. Inexperienced security […]

The post IOCs vs. IOAs — How to Effectively Leverage Indicators appeared first on Security Intelligence.

Continue reading IOCs vs. IOAs — How to Effectively Leverage Indicators

IOCs vs. IOAs — How to Effectively Leverage Indicators

Posted on by

Cybersecurity teams are consistently tasked to identify cybersecurity attacks, adversarial behavior, advanced persistent threats and the dreaded zero-day vulnerability. Through this endeavor, there is a common struggle for cybersecurity practitioners and operational teams to appropriately leverage indicators of compromise (IOCs) and indicators of attack (IOAs) for an effective monitoring, detection and response strategy. Inexperienced security […]

The post IOCs vs. IOAs — How to Effectively Leverage Indicators appeared first on Security Intelligence.

Continue reading IOCs vs. IOAs — How to Effectively Leverage Indicators

IBM Security X-Force Research Advisory: New Destructive Malware Used In Cyber Attacks on Ukraine

Posted on by

This post was written with contributions from IBM Security X-Force’s Anne Jobmann, Claire Zaboeva and Richard Emerson. On February 23, 2022, open-source intelligence sources began reporting detections of a wiper malware — a destructive family of malware designed to permanently destroy data from the target — executing on systems belonging to Ukrainian organizations. IBM Security […]

The post IBM Security X-Force Research Advisory: New Destructive Malware Used In Cyber Attacks on Ukraine appeared first on Security Intelligence.

Continue reading IBM Security X-Force Research Advisory: New Destructive Malware Used In Cyber Attacks on Ukraine

X-Force IRIS Overcomes Broken Decryption Mechanism in Jest Ransomware

Posted on by

IBM X-Force Incident Response and Intelligence Services (IRIS) recently helped a company fend off a ransomware attack by building a custom decryptor for a strain of ransomware known as “Jest.”

The post X-Force IRIS Overcomes Broken Decryption Mechanism in Jest Ransomware appeared first on Security Intelligence.

Continue reading X-Force IRIS Overcomes Broken Decryption Mechanism in Jest Ransomware

Zeus Sphinx Back in Business: Some Core Modifications Arise

Posted on by

With Zeus Sphinx back in the financial cybercrime arena, IBM X-Force is providing a technical analysis of the Sphinx Trojan’s current version, which was first released in the wild in late 2019.

The post Zeus Sphinx Back in Business: Some Core Modifications Arise appeared first on Security Intelligence.

Continue reading Zeus Sphinx Back in Business: Some Core Modifications Arise

EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan

Posted on by

In recent analysis of malicious activity likely targeting entities based in the Middle East, IBM X-Force IRIS discovered a backdoor malware strain we named “EnigmaSpark.”

The post EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan appeared first on Security Intelligence.

Continue reading EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan

PXJ Ransomware Campaign Identified by X-Force IRIS

Posted on by

In a recent analysis from IBM’s X-Force Incident Response and Intelligence Services (IRIS), our team discovered activity related to a new strain of ransomware known as PXJ ransomware.

The post PXJ Ransomware Campaign Identified by X-Force IRIS appeared first on Security Intelligence.

Continue reading PXJ Ransomware Campaign Identified by X-Force IRIS

From Mega to Giga: Cross-Version Comparison of Top MegaCortex Modifications

Posted on by

MegaCortex seems to be looking for ways to improve, and with each version upgrading the previous release’s functions, our team took a closer look at some of the highlights.

The post From Mega to Giga: Cross-Version Comparison of Top MegaCortex Modifications appeared first on Security Intelligence.

Continue reading From Mega to Giga: Cross-Version Comparison of Top MegaCortex Modifications