BlotchyQuasar: X-Force Hive0129 targeting financial institutions in LATAM with a custom banking trojan

In late April through May 2023, IBM Security X-Force found several phishing emails leading to packed executable files delivering malware we have named BlotchyQuasar, likely developed by a group X-Force tracks as Hive0129. BlotchyQuasar is hardcoded to collect credentials from multiple Latin American-based banking applications and websites used within public and private environments. Similar operations […]

The post BlotchyQuasar: X-Force Hive0129 targeting financial institutions in LATAM with a custom banking trojan appeared first on Security Intelligence.

New Generation of Phishing Hides Behind Trusted Services

The days when email was the main vector for phishing attacks are long gone. Now, phishing attacks occur on SMS, voice, social media and messaging apps. They also hide behind trusted services like Azure and AWS. And with the expansion of cloud computing, even more Software-as-a-Service (SaaS) based phishing schemes are possible. Phishing tactics have […]

The post New Generation of Phishing Hides Behind Trusted Services appeared first on Security Intelligence.

Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing?

For threat actors, phishing embodies the holy trinity of goals: easy, effective and profitable. It’s no wonder that the 2022 X-Force Threat Intelligence Index reports that phishing was the top method used by attackers to breach an organization. Of all the attacks that X-Force remediated in 2021, attackers used phishing in 41% of them. Because […]

The post Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing? appeared first on Security Intelligence.

Why Phishing Is Still the Top Attack Method

Attackers are known to pore over a company’s website and social channels. Perhaps they spot a mention of an upcoming charity event. Who runs the charity? What does their email signature look like? What’s the color and size of the charity’s logo? This kind of information is priceless to attackers. From there, attackers can craft […]

The post Why Phishing Is Still the Top Attack Method appeared first on Security Intelligence.

Hive0117 Continues Fileless Malware Delivery in Eastern Europe

Through continued research into the ongoing cyber activity throughout Eastern Europe, IBM Security X-Force identified a phishing email campaign by Hive0117, likely a financially motivated cybercriminal group, from February 2022, designed to deliver the fileless malware variant dubbed DarkWatchman. The campaign masquerades as official communications from the Russian Government’s Federal Bailiffs Service, the Russian-language emails […]

The post Hive0117 Continues Fileless Malware Delivery in Eastern Europe appeared first on Security Intelligence.

How to Protect Against Deepfake Attacks and Extortion

Cybersecurity professionals are already losing sleep over data breaches and how to best protect their employers from attacks. Now they have another nightmare to stress over — how to spot a deepfake. Deepfakes are different because attackers can easily use data and images as a weapon. And those using deepfake technology can be someone from […]

The post How to Protect Against Deepfake Attacks and Extortion appeared first on Security Intelligence.

IBM Uncovers Global Phishing Campaign Targeting the COVID-19 Vaccine Cold Chain

At the onset of the COVID-19 pandemic, IBM Security X-Force created a threat intelligence task force dedicated to tracking down COVID-19 cyber threats against organizations that are keeping the vaccine supply chain moving. As part of these efforts, our team recently uncovered a global phishing campaign targeting organizations associated with a COVID-19 cold chain. The cold […]

The post IBM Uncovers Global Phishing Campaign Targeting the COVID-19 Vaccine Cold Chain appeared first on Security Intelligence.

‘Copyright Violation’ Notices Lead to Facebook 2FA Bypass

Fraudulent Facebook messages allege copyright infringement and threaten to take down pages, unless users enter logins, passwords and 2FA codes.

Office 365 Phishing Attack Leverages Real-Time Active Directory Validation

Attackers check the victims’ Office 365 credentials in real time as they are typed into the phishing landing page, by using authentication APIs.