Before it started fading out in June 2016, Shifu malware appeared to be targeting banks in Japan and the U.K. and evolving at a steady pace.
TrickBot Habla Español: Trojan Widens Its Attack Scope in Spain, Brings Redirection Attacks to Local Banks
The TrickBot Trojan has been steadily ramping up its activity this year, going into a rather intensive period of updates and attacks that started in Q2.
With the QRadar NotPetya Content Pack, security analysts can monitor their networks for indicators of NotPetya ransomware in real time.
Further analysis of impacted Petya ransomware victims led our team to conclude that this attack was specifically aimed at organizations within Ukraine.
It appears that the current Petya payload is being distributed using the same exploits that were part of the leaks that powered the spread of WannaCry.
The X-Force Exchange threat intelligence sharing platform brings collaboration to the forefront of the ongoing fight against WannaCry and other malware.
The best strategy to defend against the WannaCry ransomware attack and similar events is to adopt tools to prevent them from occurring in the first place.
Since its inception two years ago, the IBM X-Force Exchange has grown into a comprehensive hub for industrywide threat intelligence collaboration.
Organizations affected by the WannaCry ransomware attack can leverage IBM X-Force Threat Intelligence with QRadar to mitigate this unprecedented threat.
It took fraudsters less than 24 hours after the disclosure of a previously unknown Apache Struts 2 vulnerability to develop a Python script to exploit it.