October 2020 saw the TrickBot Trojan, a prominent cybercrime gang’s tool of choice, suffer a takedown attempt by security vendors and law enforcement. Unfortunately, the takedown was not effective, and beyond coming back to life shortly after, TrickBot’s operators released a new and more persistent version of the malware. In this post, IBM Trust

One data breach can lead to another. Because so much of the data stolen in breaches ends up for sale on the dark web, a threat actor can purchase authentication credentials — the emails and passwords — of the organization’s employees without having to steal them directly. With that information in hand, threat actors have an open door into

You’ve done your due diligence, practice good security hygiene and have the best security tools available. Now, your security posture is strong. But, your plan is only as good as your employees, and they may be letting you down when it comes to being ready for social engineering.   While employees clicking on phishing links still presents a

The period between Christmas and New Year’s Day has long been the time people give to charities the most, making the charities themselves attractive targets for cyber criminals. Because the events of 2020 will likely boost existing trends, nonprofit cybersecurity challenges may be greater than ever this year — even as groups find themselves with

This holiday season, many people will turn to charities to give back. The last thing they want to do is give money to scammers instead of a cause they truly support. According to the FBI’s website, charity fraud rises during the holidays, when people choose to make end-of-year tax deductible gifts. “Seasonal charity scams can pose greater diffi

As the holiday shopping season shifts into high gear, the COVID-19 pandemic is accelerating an ongoing trend: shoppers are opting to buy online. Rather than flooding brick-and-mortar stores — and point-of-sale (POS) machines — with sales, studies suggest a high percentage of shoppers in 2020 will be using online options and e-commerce

If I had polled cybersecurity experts on their way to work on May 12, 2017, most of them would have said they knew a major cybersecurity event loomed. Yet, on that day no one expected that they were walking into the perfect storm — in the form of WannaCry ransomware, the most damaging cyberattack to date — when they traveled by car, train or fer

The use of online streaming services was already burgeoning well before most of the world started spending so much time at home. The current explosion in the demand for video and music streaming services is cause for celebration in the industry, but it has a dark side. Account fraud, sharing and takeover, enabled by password sharing and identity theft, is e

Jackpotting, an older ATM theft technique, could show security operations team members what to look out for when it comes to Internet of things (IoT) attacks in general, and even election machine vulnerabilities.  This technique first entered the U.S. cybersecurity lexicon in 2018, when Brian Krebs warned of attacks at American ATMs. Jackpotting, Krebs

Distributed denial of service (DDoS) attacks are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019, plus an 80% jump compared with the same quarter last year. Kaspersky also found that DDoS cyberattacks are increasing in duration. Average attack

The Ginp mobile banking malware, which emerged in late 2019, is one of the top most prevalent Android banking malware families today. It started as a simple short message server (SMS) stealer and rapidly evolved into one of the most advanced actors in the financial fraud landscape. Ginp has primarily targeted Spanish banks, but recent evidence suggests the m

In today’s hybrid multicloud environment, users expect to be able to access their work and personal resources from wherever they are, whenever they need them. With this expanded security perimeter, and especially considering this year’s tectonic shift in remote work, organizations need to be prepared with a distributed security strategy that incorporates pri

Since the World Health Organization (WHO) declared the COVID-19 outbreak a pandemic on March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19-related spam, with lures ranging the full gamut of challenges and concerns facing individuals — from phishing emails impersonating the Small Business Administration (SBA) and the WHO to U.S.

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this