According to IBM X-Force data on the activity of financial malware operated by organized cybercrime groups, the Ursnif (aka Gozi) banking Trojan was the most active malware code in the financial sector in 2016 and has maintained its dominance through 2017 to date. Ursnif’s activity is marked by both frequent code modifications and campaign activity in

Top-tier financial malware like Dridex, Neverquest and Gozi offer a wide range of malicious capabilities, such as form-grabbing, screen capture, webinjections and more. One notable capability is the hidden virtual network computing (hVNC) module, which allows attackers to gain user-grade access to an infected PC. It’s no secret that banking Trojans con

Ready to catch up on the news you might’ve missed and start the week off right? Hear how the Gozi Trojan is wreaking havoc in Eastern Europe, learn about the Data Protection Triple Crown, get insight on the Internet of Things, understand the four questions to ask regarding endpoint security, and find out who became the first FedRAMP certified Enterpris

In what appears to be a trend, another banking Trojan is preparing to attack Eastern Europe. This time it is the Gozi/ISFB Trojan, which just added nine major banks in Bulgaria to its list of targets. What’s New? In early August 2015, IBM Security X-Force researchers analyzed a new Gozi Trojan configuration file that is, according to our data, the firs