RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation

In a recent collaboration to investigate a rise in malware infections featuring a commercial remote access trojan (RAT), IBM Security X-Force and Cipher Tech Solutions (CT), a defense and intelligence security firm, investigated malicious activity that spiked in the first quarter of 2021. With over 1,300 malware samples collected, the teams analyzed the delivery of […]

The post RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation appeared first on Security Intelligence.


Attacks on Operational Technology From IBM X-Force and Dragos Data

Operational Technology Threats in 2021: Ransomware, Remote Access Trojans and Targeted Threat Groups

Organizations with operational technology (OT) networks face many unique — and often complicated — considerations when it comes to cybersecurity threats. One of the main challenges facing the community is the convergence of an increasingly OT-aware and capable threat landscape with the […]

The post Attacks on Operational Technology From IBM X-Force and Dragos Data appeared first on Security Intelligence.


SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT

As the ongoing COVID-19 pandemic impacts small businesses in the U.S., cybercriminals are trusting that people will be more likely to open unsolicited emails purporting to come from relevant entities.

The post SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT appeared first on Security Intelligence.


TA505 Continues to Infect Networks With SDBbot RAT

IBM X-Force IRIS recently identified attacks likely linked to Hive0065, also known as TA505, which spread the SDBbot remote-access Trojan (RAT) alongside other custom malware.

The post TA505 Continues to Infect Networks With SDBbot RAT appeared first on Security Intelligence.


EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan

In recent analysis of malicious activity likely targeting entities based in the Middle East, IBM X-Force IRIS discovered a backdoor malware strain we named “EnigmaSpark.”

The post EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan appeared first on Security Intelligence.


New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users

IBM X-Force researchers have discovered a new campaign targeting organizations with fake business emails that deliver NetWire remote-access Trojan (RAT) variants.

The post New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users appeared first on Security Intelligence.


Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

IBM X-Force researchers detected, reverse engineered, reconstructed and simulated a Delphi-based Brazilian remote access Trojan.

The post Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT) appeared first on Security Intelligence.


Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.

The post Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)? appeared first on Security Intelligence.


How a Cunning Remote Overlay Malware Met Its Match

A remote overlay malware that is attacking Latin American banks met its match in a solution built from behavioral biometrics, deep research, reverse engineering and finely tuned threat modeling.

The post How a Cunning Remote Overlay Malware Met Its Match appeared first on Security Intelligence.


The Simpler the Better? Looking Deeper Into the Malware Used in Brazilian Financial Cybercrime

The majority of financial cybercrime risks can be mitigated with continued user education and by placing the right controls on user devices to help protect against malware.

The post The Simpler the Better? Looking Deeper Into the Malware Used in Brazilian Financial Cybercrime appeared first on Security Intelligence.
