HackDig : Dig high-quality web security articles for hackers

SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT

Between late March and mid-April 2020, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a phishing campaign targeting small businesses that appears to originate from the U.S. Government Small Business Administration (SBA.gov). The emails, which contain subjects and attachments related to the need for small businesses to apply for disa
Publish At:2020-05-03 08:13 | Read:334 | Comments:0 | Tags:Government Malware Threat Hunting Credentials Theft Email IB

TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam

IBM X-Force monitors billions of spam emails a year, mapping trending, malicious campaigns and their origins. Recent analysis from our spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor (DoL). The spam leverages the Family and Medical Leave Act (FMLA), w
Publish At:2020-05-03 08:13 | Read:336 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Fraud

PXJ Ransomware Campaign Identified by X-Force IRIS

Ransomware has become one of the most profitable types of malware in the hands of cybercriminals, with reported cybercrime losses tripling in the last five years, according to the FBI. A constant flow of new and reused code in this realm continues to flood both consumers and organizations who fight to prevent infections, respond to attacks and often resort t
Publish At:2020-03-12 09:13 | Read:435 | Comments:0 | Tags:Malware Threat Intelligence Cryptography Cybercrime Encrypti

Cyberthreat Intelligence Tooling — How to Quickly Locate Your Key Indicators

Everything you do in threat intelligence is about indicators or patterns. In a binary world, patterns are actually just how different indicators work together in the chain of a malicious event. Working with threat intelligence for years now, I’ve often asked myself several fundamental cyberthreat intelligence questions: What exactly is this attack and
Publish At:2020-02-21 09:34 | Read:518 | Comments:0 | Tags:Security Intelligence & Analytics Analysis Data Exfiltration

Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan

IBM X-Force has identified a spam campaign targeting users in Japan that employs the Coronavirus scare as a lure to encourage people to open malicious emails. The messages contain Microsoft Office files loaded with macros that, when enabled, launch an infection routine that delivers the Emotet Trojan. In general, Emotet is very focused on infecting companies
Publish At:2020-02-09 10:30 | Read:528 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Cyberc

Threat Intelligence: A Tear-Free Solution to Help SOC Analysts Prepare for the Next WannaCry

It’s been nearly six months since the WannaCry ransomware stole global headlines and thousands of security practitioners flocked to threat intelligence feeds to help streamline their investigations. While the security community has learned many valuable lessons from the attack, it’s impossible to say that a strike of this magnitude won’t ha
Publish At:2017-10-26 01:10 | Read:5079 | Comments:0 | Tags:Malware Security Intelligence & Analytics Threat Intelligenc

Put Threat Intelligence Into Action With Security Apps

It’s now easier than ever to make threat intelligence from IBM X-Force Exchange actionable. Since its inception in 2015, X-Force Exchange has provided both granular indicators of compromise and higher-order intelligence through public collections to help shorten security investigations. A recent update to the X-Force Exchange collaborative platform no
Publish At:2017-09-27 22:45 | Read:3661 | Comments:0 | Tags:Threat Intelligence X-Force Research IBM Security App Exchan

What Do Avocados and Threat Intelligence Have in Common?

Full disclosure: I would not eat guacamole for years because a certain puppet-centric movie I saw as a child had me convinced that it was actually made of frog brains. Once in college, however, seeing guacamole being made completely changed my opinion — unlike a sausage-making demonstration in a rather unfortunate public speaking class that same year of coll
Publish At:2017-09-13 08:20 | Read:3102 | Comments:0 | Tags:Incident Response Threat Intelligence IBM X-Force Exchange I

All in a Spammer’s Workweek: Where Do the Busiest Spammers Work Around the Clock?

IBM X-Force Kassel is a research team that operates massive spam honeypots and monitoring, gleaning data from billions of unsolicited emails every year. With such large amounts of spam coming in, we can more easily map trends. We looked at one recently when analyzing the spammer’s workweek. Our goal in this analysis was to delve into six months of data
Publish At:2017-08-21 15:05 | Read:4036 | Comments:0 | Tags:Advanced Threats Fraud Protection Threat Intelligence IBM X-

Stay Up to Date on Threat Intelligence With New X-Force Exchange Capabilities

As both a parent and a bit of a nerd, I have a lot of corny jokes in my arsenal that cover a wide range of topics including animals, food, science fiction and the like. One of my favorite jokes comes from my data science background: “I never metadata I didn’t like.” This joke has it all: wordplay, the spirit of a joke your uncle might tell
Publish At:2017-08-16 09:00 | Read:3980 | Comments:0 | Tags:Threat Intelligence X-Force Research IBM X-Force Exchange IB

Where Are They Today? Cybercrime Trojans That No One Misses: Shifu Malware

This is the first installment in an ongoing series about banking malware that faded away in 2017. Cybercrime is a very dynamic threat landscape. With over 100 million malware strains tracked by AV-TEST in 2016, malware can be a dime a dozen. When it comes to the more organized cybercrime groups and sophisticated banking Trojan projects, malware families are
Publish At:2017-08-08 16:20 | Read:4102 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Monitor Your Network for NotPetya in Real Time

The cyberthreat intelligence (CTI) community has not yet agreed on attribution for the threat actor behind the NotPetya malware, but it is actively investigating. The apparent objective of NotPetya is to destroy infected computers, not necessarily to hold data ransom. Hopefully, you have already invested in solid backups. But when it comes to further manag
Publish At:2017-07-19 08:05 | Read:3932 | Comments:0 | Tags:Security Intelligence & Analytics IBM QRadar Security Intell

TrickBot Habla Español: Trojan Widens Its Attack Scope in Spain, Brings Redirection Attacks to Local Banks

The TrickBot Trojan has been steadily ramping up its activity this year, going into a rather intensive period of updates and attacks that started in Q2 2017. From the looks of it, TrickBot’s operators have been investing heavily into widening the scope of their attacks and are preparing redirection attacks against banks in 19 different countries. After
Publish At:2017-07-19 08:05 | Read:4230 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

A ‘Wiper’ in Ransomware Clothing: Global Attacks Intended for Destruction Versus Financial Gain

Co-authored by Steve Stone. After finalizing initial analysis, IBM X-Force Incident Response and Intelligence Services (IRIS) concluded that the Petya variant attacks that started on Tuesday, June 27, were intended as destructive attacks against Ukraine, rather than a means for cybercriminals to make money from ransom payouts. In other words, this attack was
Publish At:2017-06-30 03:45 | Read:3967 | Comments:0 | Tags:Malware Advanced Attacks Advanced Malware Advanced Threats I

Petya Weren’t Expecting This: Ransomware Takes Systems Hostage Across the Globe

Early on Tuesday, June 27, reports began to circulate that organizations in the Ukraine and elsewhere in Europe were suffering ransomware attacks. It quickly became clear that this Petya attack could equal or surpass the May WannaCry attack. WannaCry’s spread was so successful because it was powered by a flaw in Windows, and although Microsoft had rele
Publish At:2017-06-27 20:30 | Read:3765 | Comments:0 | Tags:Malware Advanced Threats IBM Security IBM X-Force Exchange I
