Remote Access Tools (RATs) – WindowsTechs.com

Email campaigns leverage updated DBatLoader to deliver RATs, stealers

Posted on September 12, 2023 by Ole Villadsen

IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. Explore the analysis.

The post Email campaigns leverage updated DBatLoader to deliver RATs, stealers appeared first on Security Intelligence.

Continue reading Email campaigns leverage updated DBatLoader to deliver RATs, stealers→

Remote access detection in 2023: Unmasking invisible fraud

Posted on August 23, 2023 by Camila Sablotny

In the ever-evolving fraud landscape, fraudsters have shifted their tactics from using third-party devices to on-device fraud. Now, users face the rising threat of fraud involving remote access tools (RATs), while banks and fraud detection vendors struggle with new challenges in detecting this invisible threat. Let’s examine the modus operandi of fraudsters, prevalence rates across […]

The post Remote access detection in 2023: Unmasking invisible fraud appeared first on Security Intelligence.

Continue reading Remote access detection in 2023: Unmasking invisible fraud→

Hive0117 Continues Fileless Malware Delivery in Eastern Europe

Posted on April 26, 2022 by Melissa Frydrych

Through continued research into the ongoing cyber activity throughout Eastern Europe, IBM Security X-Force identified a phishing email campaign by Hive0117, likely a financially motivated cybercriminal group, from February 2022, designed to deliver the fileless malware variant dubbed DarkWatchman. The campaign masquerades as official communications from the Russian Government’s Federal Bailiffs Service, the Russian-language emails […]

The post Hive0117 Continues Fileless Malware Delivery in Eastern Europe appeared first on Security Intelligence.

Continue reading Hive0117 Continues Fileless Malware Delivery in Eastern Europe→

RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation

Posted on July 12, 2021 by Melissa Frydrych

In a recent collaboration to investigate a rise in malware infections featuring a commercial remote access trojan (RAT), IBM Security X-Force and Cipher Tech Solutions (CT), a defense and intelligence security firm, investigated malicious activity that spiked in the first quarter of 2021. With over 1,300 malware samples collected, the teams analyzed the delivery of […]

The post RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation appeared first on Security Intelligence.

Continue reading RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation→

Attacks on Operational Technology From IBM X-Force and Dragos Data

Posted on July 7, 2021 by Camille Singleton

Operational Technology Threats in 2021: Ransomware, Remote Access Trojans and Targeted Threat Groups Organizations with operational technology (OT) networks face many unique — and often complicated — considerations when it comes to cybersecurity threats. One of the main challenges facing the community is the convergence of an increasingly OT-aware and capable threat landscape with the […]

The post Attacks on Operational Technology From IBM X-Force and Dragos Data appeared first on Security Intelligence.

Continue reading Attacks on Operational Technology From IBM X-Force and Dragos Data→

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

Posted on July 9, 2019 by Pavel Asinovsky

IBM X-Force researchers detected, reverse engineered, reconstructed and simulated a Delphi-based Brazilian remote access Trojan.

The post Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT) appeared first on Security Intelligence.

Continue reading Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)→

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

Posted on July 2, 2019 by Pavel Asinovsky

IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.

The post Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)? appeared first on Security Intelligence.

Continue reading Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?→

Don’t Let Remote Management Software Contribute to Building Botnets

Posted on January 11, 2017 by Koen Van Impe

IT leaders must be vigilant when using remote management software. Attackers can exploit these tools to infect devices with malware and build botnets.

The post Don’t Let Remote Management Software Contribute to Building Botnets appeared first on Security Intelligence.

Continue reading Don’t Let Remote Management Software Contribute to Building Botnets→