What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
securityintelligence.webp 2024-04-24 13:00:00 Researchers develop malicious AI 'worm' targeting generative AI systems (direct link)
>Researchers have created a new, never-seen-before kind of malware they call the “Morris II” worm, which uses popular AI services to spread itself, infect new systems and steal data. The name references the original Morris computer worm that wreaked havoc on the internet in 1988. The worm demonstrates the potential dangers of AI security threats and […]
Malware ★★★
securityintelligence.webp 2024-03-07 11:00:00 New Fakext malware targets Latin American banks (direct link)
>This article was made possible thanks to contributions from Itzhak Chimino, Michael Gal and Liran Tiebloom. Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the […]
Malware Tool ★★★
securityintelligence.webp 2024-01-29 14:00:00 Ermac malware: The other side of the code (direct link)
>When the Cerberus code was leaked in late 2020, IBM Trusteer researchers projected that a new Cerberus mutation was just a matter of time. Multiple actors used the leaked Cerberus code but without significant changes to the malware. However, the MalwareHunterTeam discovered a new variant of Cerberus — known as Ermac (also known as Hook) […]
Malware ★★★
securityintelligence.webp 2024-01-28 10:40:50 PixPirate: The Brazilian financial malware you can't see (direct link)
Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a […]
Malware ★★★
securityintelligence.webp 2023-12-19 14:00:00 Web injections are back on the rise: 40+ banks affected by new malware campaign (direct link)
>Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript […]
Malware Threat ★★
securityintelligence.webp 2023-10-27 13:00:00 The evolution of 20 years of cybersecurity awareness (direct link)
>Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety. How have cybersecurity and malware evolved over the last two decades? What types of threat management tools surfaced and when? The […]
Malware Tool Threat ★★
securityintelligence.webp 2023-09-12 16:00:00 Email campaigns leverage updated DBatLoader to deliver RATs, stealers (direct link)
>IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. Explore the analysis.
Malware ★★
securityintelligence.webp 2023-08-17 10:00:00 Gozi strikes again, targeting banks, cryptocurrency and more (direct link)
>In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for its advanced capabilities. Over time, Gozi underwent a significant transformation and became associated with other […]
Malware ★★
securityintelligence.webp 2023-08-03 18:00:00 Bringing threat intelligence and adversary insights to the forefront: X-Force Research Hub (direct link)
>Today defenders are dealing with both a threat landscape that’s constantly changing and attacks that have stood the test of time. Innovation and best practices co-exist in the criminal world, and one mustn’t distract us from the other. IBM X-Force is continuously observing new attack vectors and novel malware in the wild, as adversaries seek […]
Malware Threat ★★
securityintelligence.webp 2023-07-14 13:45:00 BlotchyQuasar: X-Force Hive0129 targeting financial intuitions in LATAM with a custom banking trojan (direct link)
>In late April through May 2023, IBM Security X-Force found several phishing emails leading to packed executable files delivering malware we have named BlotchyQuasar, likely developed by a group X-Force tracks as Hive0129. BlotchyQuasar is hardcoded to collect credentials from multiple Latin American-based banking applications and websites used within public and private environments. Similar operations […]
Malware ★★
securityintelligence.webp 2023-06-01 10:00:00 Ransomware Renaissance 2023: The Definitive Guide to Stay Safer (direct link)
>Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures […]
Ransomware Malware Threat ★★
securityintelligence.webp 2023-05-08 13:00:00 How the ZeuS Trojan Info Stealer Changed Cybersecurity (direct link)
>Information stealer malware is a type of malicious software designed to collect sensitive information from a victim’s computer. Also known as info stealers, data stealers or data-stealing malware, this software is true to its name: after infecting a computer or device, it’s highly adept at exfiltrating login credentials, financial information and personal data. Info stealers […]
Malware ★★
securityintelligence.webp 2023-04-14 17:30:00 Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor (direct link)
>This blog was made possible through contributions from Christopher Caridi. IBM Security X-Force recently discovered a new malware family we have called “Domino,” which we assess was created by developers associated with the cybercriminal group that X-Force tracks as ITG14, also known as FIN7. Former members of the Trickbot/Conti syndicate which X-Force tracks as ITG23 […]
Malware ★★
securityintelligence.webp 2023-04-14 13:00:00 Detection Methods: Do You Know Where Your Credentials are? (direct link)
>Information-stealing malware has become extremely pervasive in recent years. This malware harvests millions of credentials annually from endpoint devices and enterprises across the globe to devastating effects. Using highly automated and orchestrated attack methods, threat actors and initial access brokers provide an endless supply of compromised credentials to cyber criminal syndicates who use those credentials […]
Malware Threat ★★
securityintelligence.webp 2023-03-24 13:00:00 New Attack Targets Online Customer Service Channels (direct link)
>An unknown attacker group is targeting customer service agents at gambling and gaming companies with a new malware effort. Known as IceBreaker, the code is capable of stealing passwords and cookies, exfiltrating files, taking screenshots and running custom VBS scripts. While these are fairly standard functions, what sets IceBreaker apart is its infection vector. Malicious […]
Malware ★★
securityintelligence.webp 2023-03-20 18:30:00 When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule (direct link)
>In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as […]
Malware Medical APT 38 ★★★
securityintelligence.webp 2023-02-16 18:00:00 Detecting the Undetected: The Risk to Your Info (direct link)
>IBM’s Advanced Threat Detection and Response Team (ATDR) has seen an increase in the malware family known as information stealers in the wild over the past year. Info stealers are malware with the capability of scanning for and exfiltrating data and credentials from your device. When executed, they begin scanning for and copying various directories […]
Malware Threat ★★★
securityintelligence.webp 2023-02-16 14:00:00 What are the Duties of a Malware Analyst? (direct link)
>Malware breaches begin in many ways. Recently, multiple fake antivirus apps in the Google Play Store were infected with malware. Earlier this year, malware deployed through satellites shut down modems in Ukraine. Destructive malware attacks have an average lifecycle of 324 days (233 days to identify and 91 days to contain), compared to the global […]
Malware ★★
securityintelligence.webp 2023-02-10 14:00:00 Six Common Ways That Malware Strains Get Their Names (direct link)
>You’re likely familiar with the names of common malware strains such as MOUSEISLAND, Agent Tesla and TrickBot. But do you know how new malware threats get their names? As a cybersecurity writer, I quickly add new strains to my vocabulary. But I never knew how they came to have those names in the first place. […]
Malware ★★★
securityintelligence.webp 2023-01-25 17:30:00 Kronos Malware Reemerges with Increased Functionality (direct link)
>The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos […]
Malware ★★
securityintelligence.webp 2023-01-11 01:00:00 A View Into Web(View) Attacks in Android (direct link)
>James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks to commit fraud, in Android-based financial malware this is a new trend. Traditionally, financial malware […]
Malware ★★
securityintelligence.webp 2022-12-19 14:00:00 How Reveton Ransomware-as-a-Service Changed Cybersecurity (direct link)
>In 2012, Reveton ransomware emerged. It’s considered to be the first Ransomware-as-a-Service (RaaS) operation ever. Since then, RaaS has enabled gangs with basic technical skills to launch attacks indiscriminately. Now, nearly anyone can create highly effective malware campaigns. We now see RaaS outfits with organizational capabilities that rival the most professional Software-as-a-Service (SaaS) brands. But […]
Ransomware Malware ★★★
securityintelligence.webp 2022-11-28 14:00:00 Worms of Wisdom: How WannaCry Shapes Cybersecurity Today (direct link)
>WannaCry wasn’t a particularly complex or innovative ransomware attack. What made it unique, however, was its rapid spread. Using the EternalBlue exploit, malware could quickly move from device to device, leveraging a flaw in the Microsoft Windows Server Message Block (SMB) protocol. As a result, when the WannaCry “ransomworm” hit networks in 2017, it expanded […]
Ransomware Malware Wannacry Wannacry ★★
securityintelligence.webp 2022-11-22 17:00:00 RansomExx Upgrades to Rust (direct link)
>IBM Security X-Force Threat Researchers have discovered a new variant of the RansomExx ransomware that has been rewritten in the Rust programming language, joining a growing trend of ransomware developers switching to the language. Malware written in Rust often benefits from lower AV detection rates (compared to those written in more common languages) and this […]
Ransomware Malware Threat ★★★★
securityintelligence.webp 2022-11-07 17:29:50 How the Mac OS X Trojan Flashback Changed Cybersecurity (direct link)
>Not so long ago, the Mac was thought to be impervious to viruses. In fact, Apple once stated on its website that “it doesn’t get PC viruses”. But that was before the Mac OS X Trojan Flashback malware appeared in 2012. Since then, Mac and iPhone security issues have changed dramatically — and so has […]
Malware
securityintelligence.webp 2022-09-22 13:00:00 Does Follina Mean It's Time to Abandon Microsoft Office? (direct link)
As a freelance writer, I spend most of my day working in Microsoft Word. Then, I send drafts to clients and companies across the globe. So, news of the newly discovered Microsoft Office vulnerability made me concerned about the possibility of accidentally spreading malware to my clients. I take extra precautions to ensure that I’m […]
Malware Vulnerability
securityintelligence.webp 2022-09-01 16:20:00 Raspberry Robin and Dridex: Two Birds of a Feather (direct link)
>IBM Security Managed Detection and Response (MDR) observations coupled with IBM Security X-Force malware research sheds additional light on the mysterious objectives of the operators behind the Raspberry Robin worm. Based on a comparative analysis between a downloaded Raspberry Robin DLL and a Dridex malware loader, the results show that they are similar in structure […]
Malware
securityintelligence.webp 2022-08-18 15:58:00 From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers (direct link)
>A comparative analysis performed by IBM Security X-Force uncovered evidence that suggests Bumblebee malware, which first appeared in the wild last year, was likely developed directly from source code associated with the Ramnit banking trojan. This newly discovered connection is particularly interesting as campaign activity has so far linked Bumblebee to affiliates of the threat […]
Malware Threat
securityintelligence.webp 2022-06-08 01:26:57 What TrickBot tells us about the future of (direct link)
>What TrickBot tells us about the future of malware  Malware attackers are increasingly sophisticated. Here’s what to know  On TrickBot and the future of malware  Malware threats have plagued organizations for decades, but that’s no reason to be complacent with a security strategy that has to date protected your organization. Now more than ever, malware is […]
Malware Threat
securityintelligence.webp 2022-05-26 13:00:00 Lessons Learned by 2022 Cyberattacks: X-Force Threat Intelligence Report (direct link)
>Every year, the IBM Security X-Force team of cybersecurity experts mines billions of data points to reveal today’s most urgent security statistics and trends. This year’s X-Force Threat Intelligence Index 2022 digs into attack types, infection vectors, top threat actors, malware trends and industry-specific insights. This year, a new industry took the infamous top spot: […]
Malware Threat
securityintelligence.webp 2022-05-06 13:00:00 The Growing Danger of Data Exfiltration by Third-Party Web Scripts (direct link)
The theft of personal or sensitive data is one of the biggest threats to online business. This danger, data exfiltration or data extrusion, comes from a wide variety of attack vectors. These include physical theft of devices, insider attacks within a corporate network and phishing, malware or third-party scripts. The risk for regular website users […]
Malware ★★★★
securityintelligence.webp 2022-04-26 12:00:00 Hive0117 Continues Fileless Malware Delivery in Eastern Europe (direct link)
Through continued research into the ongoing cyber activity throughout Eastern Europe, IBM Security X-Force identified a phishing email campaign by Hive0117, likely a financially motivated cybercriminal group, from February 2022, designed to deliver the fileless malware variant dubbed DarkWatchman. The campaign masquerades as official communications from the Russian Government’s Federal Bailiffs Service, the Russian-language emails […]
Malware
securityintelligence.webp 2022-04-25 15:30:00 Solving the Data Problem Within Incident Response (direct link)
One of the underappreciated aspects of incident response (IR) is that it often starts as a data problem. In many cases, IR teams are presented with an effect such as malware or adversary activity and charged with determining the cause through the identification of evidence that ties the cause and effect together within an environment […]
Malware
securityintelligence.webp 2022-04-13 10:00:00 Where Everything Old is New Again: Operational Technology and Ghost of Malware Past (direct link)
This post was written with contributions from IBM Security’s Sameer Koranne and Elias Andre Carabaguiaz Gonzalez. Operational technology (OT) — the networks that control industrial control system processes — face a more complex challenge than their IT counterparts when it comes to updating operating systems and software to avoid known vulnerabilities. In some cases, implementation […]
Malware ★★★★★
securityintelligence.webp 2022-03-31 13:00:00 2022 Banking & Finance Security Intelligence Roundup (direct link)
The banking and finance industries deliver more services online now than ever before due to the pandemic. As a result, banking cybersecurity became more important than ever this year. Some of the threats to big data security in recent years included ransomware attacks, the growth of contactless payments, mobile malware attacks and even data breaches […]
Ransomware Malware
securityintelligence.webp 2022-03-15 20:45:00 CaddyWiper: Third Wiper Malware Targeting Ukrainian Organizations (direct link)
On March 1, 2022, ESET reported a third destructive data wiper variant used in attacks against Ukrainian organizations dubbed as CaddyWiper. CaddyWiper’s method of destruction is by overwriting file data with “NULL” values. This is the fourth sample of malware IBM Security X-Force has released public content for which has been reportedly targeted systems belonging […]
Malware
securityintelligence.webp 2022-03-10 14:00:00 Starting at Home: Cybersecurity in the Hybrid Workplace (direct link)
As people settle into the late stages of the pandemic, the hybrid workplace is not going anywhere. Therefore, the enterprise must address the increasing number of entry points into the network as more employees work remotely. In 2021, 61% of malware directed at organizations targeted remote employees via cloud apps. Since the onset of the pandemic, […]
Malware
securityintelligence.webp 2022-03-04 20:57:27 New Wiper Malware Used Against Ukranian Organizations (direct link)
On February 24, 2022, ESET reported another destructive wiper detected at a Ukrainian government organization dubbed as IsaacWiper. This is the third sample of malware IBM Security X-Force has analyzed which has been reportedly targeting systems belonging to Ukrainian organizations. IBM Security X-Force obtained a sample of the IsaacWiper ransomware and has provided the following […]
Ransomware Malware
securityintelligence.webp 2022-02-24 17:00:00 IBM Security X-Force Research Advisory: New Destructive Malware Used In Cyber Attacks on Ukraine (direct link)
This post was written with contributions from IBM Security X-Force’s Christopher Del Fierro, Claire Zaboeva and Richard Emerson. On February 23, 2022, open-source intelligence sources began reporting detections of a wiper malware — a destructive family of malware designed to permanently destroy data from the target — executing on systems belonging to Ukrainian organizations. IBM […]
Malware
securityintelligence.webp 2022-02-02 17:00:00 TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware (direct link)
Malware authors use various techniques to obfuscate their code and protect against reverse engineering. Techniques such as control flow obfuscation using Obfuscator-LLVM and encryption are often observed in malware samples. This post describes a specific technique that involves what is known as metaprogramming, or more specifically template-based metaprogramming, with a particular focus on its implementation […]
Malware
securityintelligence.webp 2022-01-24 13:00:00 TrickBot Bolsters Layered Defenses to Prevent Injection Research (direct link)
This post was written with contributions from IBM X-Force’s Limor Kessem and Charlotte Hammond. The cyber crime gang that operates the TrickBot Trojan, as well as other malware and ransomware attacks, has been escalating activity. As part of that escalation, malware injections have been fitted with added protection to keep researchers out and get through […]
Ransomware Malware
securityintelligence.webp 2021-12-23 14:00:00 Ransomware Attackers' New Tactic: Double Extortion (direct link)
Need another reason to defend against ransomware instead of ending up having to find a solution other than paying it? Double extortion may be it. So, what is double extortion? When did it start? With this tactic, ransomware actors steal a victim’s data before their malware strain activates its encryption routine. They then have the […]
Ransomware Malware
securityintelligence.webp 2021-12-01 08:00:00 X-Force Threat Intelligence: Monthly Malware Roundup (direct link)
Today’s reality means that organizations need to be constantly vigilant against security breaches. Having a robust incident response plan in place is vital. IBM Security X-Force is a team dedicated to delivering the latest threat intelligence, research and analysis reports that help you manage risk in your organization. This monthly malware roundup offers a summary […]
Malware Threat
securityintelligence.webp 2021-10-13 10:00:00 Trickbot Rising - Gang Doubles Down on Infection Efforts to Amass Network Footholds (direct link)
IBM X-Force has been tracking the activity of ITG23, a prominent cybercrime gang also known as the TrickBot Gang and Wizard Spider. Researchers are seeing an aggressive expansion of the gang’s malware distribution channels, infecting enterprise users with Trickbot and BazarLoader. This move is leading to more ransomware attacks — particularly ones using the Conti […]
Ransomware Malware Guideline
securityintelligence.webp 2021-09-23 15:00:00 New ZE Loader Targets Online Banking Users (direct link)
IBM Trusteer closely follows developments in the financial cyber crime arena. Recently, we discovered a new remote overlay malware that is more persistent and more sophisticated than most current-day codes. In this post we will dive into the technical details of the sample we worked on and present ZE Loader’s capabilities and features. The parts […]
Malware
securityintelligence.webp 2021-07-26 16:00:00 Double Encryption: When Ransomware Recovery Gets Complicated (direct link)
Ever hear of double extortion? It’s a technique increasingly employed by ransomware attackers. A malware payload steals a victim’s plaintext information before launching its encryption routine. Those operating the ransomware then go on to demand two ransoms — one for a decryption utility and the other for the deletion of the victim’s stolen information from […]
Ransomware Malware
securityintelligence.webp 2021-07-12 14:00:00 RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation (direct link)
In a recent collaboration to investigate a rise in malware infections featuring a commercial remote access trojan (RAT), IBM Security X-Force and Cipher Tech Solutions (CT), a defense and intelligence security firm, investigated malicious activity that spiked in the first quarter of 2021. With over 1,300 malware samples collected, the teams analyzed the delivery of […]
Malware
securityintelligence.webp 2021-06-29 16:00:00 A Fly on ShellBot's Wall: The Risk of Publicly Available Cryptocurrency Miners (direct link)
IBM Security X-Force researchers studied the botnet activity of a malware variant that is used by cyber crime groups to illegally mine cryptocurrency. Examining two ShellBot botnets that appeared in attacks honeypots caught, the X-Force team was able to infect its own devices and become part of the live botnets, thereby gaining insight into how […]
Malware
Last update at: 2024-04-27 13:08:15