exchange.xforce.ibmcloud.com Open in urlscan Pro
2606:4700::6811:5412  Public Scan

Submitted URL: http://www.xforce-security.com/
Effective URL: https://exchange.xforce.ibmcloud.com/
Submission: On February 23 via manual from US — Scanned from NL

Form analysis 1 forms found in the DOM

GET

<form class="formclass form-inline ng-pristine ng-valid" ng-submit="$ctrl.searchFor($ctrl.searchText ? $ctrl.searchText : ' ')" method="get" autocomplete="off"> <label class="sr-only" for="top_search"
    ng-bind="'SEARCH_BUTTON_LABEL' | translate">Search</label> <input name="q" id="top_search" type="text" class="form-control ng-pristine ng-untouched ng-valid ng-empty"
    title="Search by Application name, IP address, URL, Vulnerability, MD5, #Tag..." ng-attr-placeholder="{{('SEARCH_PLACEHOLDER' | translate)}}" ng-model="$ctrl.searchText" size="64" role="combobox"
    uib-typeahead="item as item.value for item in $ctrl.typeaheadItems | typeaheadFilter:$ctrl.searchText | limitTo: 10" typeahead-eager="" typeahead-template-url="views/templates/search-typeahead.html"
    typeahead-on-select="$ctrl.onTypeaheadSelect($item)" typeahead-focus-first="false" aria-autocomplete="list" aria-expanded="false" aria-owns="typeahead-99-4170" placeholder="Search by Application name, IP address, URL, Vulnerability, MD5, #Tag..."
    aria-invalid="false">
  <ul class="dropdown-menu ng-hide" ng-show="isOpen() &amp;&amp; !moveInProgress" ng-style="{top: position().top+'px', left: position().left+'px'}" role="listbox" aria-hidden="true" uib-typeahead-popup="" id="typeahead-99-4170" matches="matches"
    active="activeIdx" select="select(activeIdx, evt)" move-in-progress="moveInProgress" query="query" position="position" assign-is-open="assignIsOpen(isOpen)" debounce="debounceUpdate" template-url="views/templates/search-typeahead.html">
    <!---->
  </ul> <button type="submit" class="btn btn-primary" title="Search" id="submitTopSearch"> <span class="ibm ibm_search_32"></span><span class="sr-only">Search</span> </button>
</form>

Text Content

IBM® X-FORCE EXCHANGE

IBM X-Force Exchange is a threat intelligence sharing platform that you can use
to research security threats, to aggregate intelligence, and to collaborate with
peers.

Logged in users have integrated access to all the functionality of the site:
searching, commenting, Collections and sharing. Guests can search and view
reports only.

I agree to the Terms of Service

Create IBMid Log In

... or enter as a Guest




Member since

View Profile

 * Comments
 * Collections
   
 * Groups
   


 * Home
 * Activity
 * Collections
 * Early Warning
   
 * Groups
   
   
 * App Exchange

 * API
 * Invite
 * Support
 * Forum
 * Provide Feedback
 * Make a Feature Request
 * FAQ
 * How to
 * What's new?
 * Service Status
 * Privacy
 * Terms
 * © 2014, 2022 IBM Security

(Build 908)





 * 
 * 0


Notifications


RECENTLY VIEWED

Choose from recently viewed IP, URL, Vulnerability and Malware reports to build
a new Collection or to add to an existing one.

No supported reports were visited so far.

LOG IN TO WORK WITH COLLECTIONS.

NOT A MEMBER? SIGN UP

Open navigation menu


IBM  X-FORCE EXCHANGE / APP EXCHANGE

 

View Notifications

0
 * Create IBMid
 * Log In

IBM X-Force Exchange


RESEARCH, COLLABORATE AND ACT ON THREAT INTELLIGENCE

Search Search
…or Scan file


TRENDING

   
 * #blacklist
   
 * #advisory
   
 * 81.17.24.154
   
 * 2.56.56.43
   
 * 93.184.220.29
   
 * 212.193.30.181
   
 * 45.146.165.37
   
 * #malware
   


DASHBOARD

AlertCon™ Threat Level 1

Customize the layout of this page
Take a tour to learn more
   


 * IBM X-FORCE THREAT ACTIVITY REPORTS
   
   Curated by the IBM X-Force team
   
   --------------------------------------------------------------------------------
   
      
   
    * HabitsRAT Used to Target Linux and Windows Servers
      
      Last Updated : Oct 12, 2021
      
      
   
    * Phishing Campaign Spoofing Power BI
      
      Last Updated : Feb 22, 2022
      
   
    * Pirate Bay Clones Serve Malicious Ads And Fake Torrents
      
      Last Updated : Feb 22, 2022
      
   
    * An Analysis of an Attack Against Iranian State Broadcaster
      
      Last Updated : Feb 22, 2022
      
   
   


 * IBM X-FORCE THREAT GROUP REPORTS
   
   Curated by the IBM X-Force team
   
   --------------------------------------------------------------------------------
   
   
   
   


 * IBM X-FORCE MALWARE ANALYSIS REPORTS
   
   Curated by the IBM X-Force team
   
   --------------------------------------------------------------------------------
   
      
   
    * PowerShower Backdoor Analysis Report (IRIS-8923)
      
      Last Updated : Oct 7, 2021
      
      
   
    * Emotet Analysis Report (IRIS-12381)
      
      Last Updated : Feb 8, 2022
      
   
    * BazarISO Analysis Report (IRIS-12588)
      
      Last Updated : Feb 8, 2022
      
   
    * Danbot Analysis Report (IRIS-12193)
      
      Last Updated : Feb 8, 2022
      
   
   


 * IBM X-FORCE EARLY WARNING PHISHING REPORTS
   
   Curated by the IBM X-Force team
   
   --------------------------------------------------------------------------------
   
      
   
    * Wells Fargo Squatting Campaign
      
      Last Updated : Feb 22, 2022
      
   
    * JPMorgan Chase Squatting Campaign
      
      Last Updated : Feb 22, 2022
      
   
    * Bank of America Squatting Campaign
      
      Last Updated : Feb 22, 2022
      
   
    * PayPal Squatting Campaign
      
      Last Updated : Feb 17, 2022
      
   
   


 * IBM X-FORCE INDUSTRY REPORTS
   
   Curated by the IBM X-Force team
   
   --------------------------------------------------------------------------------
   
   
   
   


 * CORONAVIRUS SECURITY UPDATES
   
   Stay ahead of threats related to COVID-19
   
   --------------------------------------------------------------------------------
   
   THREATS
   
      
   
    * COVID-19 Themed Phishing Attacks and the Fake Websites Created for Them
      
      Mar 26, 2021
      
   
    * COVID-19 Pharmaceuticals Continue to be Phishing Targets
      
      Dec 30, 2020
      
   
    * Emergency Financial Aid Phish
      
      Dec 4, 2020
      
   
    * APT-31 Uses Covid-19 Vaccine Themes in Attacks
      
      Oct 29, 2020
      
   
    * Academic Fraud Websites Running Rampant During Pandemic
      
      Sep 25, 2020
      
   
   INDICATORS OF COMPROMISE
   
      
   
    * http://covid19pfizervaccin21.com
   
      
   
    * http://pfizercovidvaxx.com
   
      
   
    * http://covidbypfizer.com
   
      
   
    * https://www.helpingcovid.org
   
      
   
   View more


 * CORONAVIRUS ATTACK SOURCE DISTRIBUTION
   
   Attack map related to COVID-19
   
   --------------------------------------------------------------------------------
   
   Affected Countries/Regions
   
   140
   
   Peak
   
   Apr 10, 2020
   
   Trend
   
   The number has increased.
   
   


 * X-FORCE IN COLLABORATION WITH QUAD9
   
   Improve your cyber security bearing for free
   
   --------------------------------------------------------------------------------
   
   Quad9 is a free, recursive, anycast DNS platform that provides end users
   robust security protections, high-performance, and privacy. Switch your DNS
   provider to Quad9 to leverage X-Force threat Intelligence to keep you safe
   from cyber threats.
   
   Blocked malicious requests
   
   172.2M
   Visit Quad9


 * IBM ADVANCED THREAT PROTECTION FEED
   
   Identify malicious threats in your environment in nearly real-time.
   
   --------------------------------------------------------------------------------
   
   The Advanced Threat Protection Feed by X-Force provides you with
   machine-readable lists of actionable indicators that directly integrate with
   security tools like firewalls, intrusion prevention systems, and SIEM’s.
   
   Start your 30-day trial
   View API documentation


 * EARLY WARNING DATA
   
   Stay ahead of threats with Early Warning data
   
   --------------------------------------------------------------------------------
   
      
   
    * lfjvvccsucsmxg.com
      
      Registered: 13 minutes ago
      
   
    * wmwtlrd.top
      
      Registered: 16 minutes ago
      
   
    * 1bb866d000c0.com
      
      Registered: 16 minutes ago
      
   
   Start your 30-day trial
   Visit Early Warning dashboard


 * MALICIOUS ACTIVITY
   
   Malicious activity in the last hour
   
   --------------------------------------------------------------------------------
   
   TOTAL
   
   471
   
   COMMAND AND CONTROL
   
   7
   
   SPAM
   
   416
   
   MALWARE
   
   0
   
   SCANNING
   
   39
   
   View malicious activity map


 * VULNERABILITIES
   
   The latest global security risks
   
   --------------------------------------------------------------------------------
   
      
   
    * Cyrus SASL SQL injection
      
      Consequences: Data Manipulation
      
   
    * Fuji Electric Alpha5 information disclosure
      
      Consequences: Obtain Information
      
   
    * Fuji Electric Alpha5 information disclosure
      
      Consequences: Obtain Information
      
   
    * Fuji Electric Alpha5 buffer overflow
      
      Consequences: Gain Access
      
   
    * WECON LeviStudioU buffer overflow
      
      Consequences: Gain Access
      
   
    * WECON LeviStudioU buffer overflow
      
      Consequences: Gain Access
      
   
    * WECON LeviStudioU buffer overflow
      
      Consequences: Gain Access
      
   
   View more


 * PUBLIC COLLECTIONS
   
   Publicly shared community findings
   
   --------------------------------------------------------------------------------
   
   RECOMMENDED
   
   LOG IN TO WORK WITH COLLECTIONS.
   
   NOT A MEMBER? SIGN UP
   
   MOST RECENT
   
      
   
    * SSH Brute-Force Honeypot Live
      
      Feb 23, 2022 -
      
      threat-actor, blacklist, sshattack, honeypot, bruteforce
   
      
   
    * Emotet is back at it
      
      Feb 23, 2022
      
      
   
      
   
    * verified phishing urls
      
      Feb 23, 2022 -
      
      phishing
   
      
   
    * Cobalt Strike targeting MS-SQL
      
      Feb 22, 2022
      
      
   
      
   
   View more


 * GROUPS
   
   Focal point for collaboration and sharing
   
   --------------------------------------------------------------------------------
   
   Start working with groups.
   
   Using groups makes it easy to share and collaborate around Collections.
   
   Create a group, add members, and share Collections.
   
   View more


 * MY COLLECTIONS
   
   Use Collections to store and share your findings
   
   --------------------------------------------------------------------------------
   
   LOG IN TO WORK WITH COLLECTIONS.
   
   NOT A MEMBER? SIGN UP
   
   View more


 * SECURITY INTELLIGENCE BLOG
   
   Analysis and insight on information security, by IBM
   
   --------------------------------------------------------------------------------
   
      
   
    * Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index
      2022
      
      Feb 23, 2022 -
      By John Zorabedian  
      
   
    * Will the Metaverse Usher in a Universe of Security Challenges?
      
      Feb 7, 2022 -
      By Mike Elgan  
      
   
    * New Year, Same Risks? Six Cyber Resilience Resolutions for a Safer 2022
      
      Feb 3, 2022 -
      By Douglas Bonderud  
      
   
   Visit Security Intelligence Blog


 * FEATURED FROM APP EXCHANGE
   
   Verified extensions for a stronger enterprise defense
   
   --------------------------------------------------------------------------------
   
   QRadar Advisor With Watson
   
   IBM QRadar
   
   Enrich security incidents with insights from Watson to rapidly respond to
   threats.
   
   View more


 * BOTNET DISTRIBUTION
   
   fobber
   
   Affected Countries/Regions
   
   19
   
   Peak
   
   Feb 10, 2022
   
   Trend
   
   The number has decreased.
   
   View more


 * IBM X-FORCE COMMERCIAL API
   
   Programmatic access to the IBM X-Force Exchange
   
   --------------------------------------------------------------------------------
   
   Query our threat intelligence through a RESTful API that supports multiple
   formats (including JSON and STIX/TAXII) for a simple integration with your
   security tools.
   
   Start your 30-day trial
   View API Documentation

QRadar Search - Searching...
Cancel
IBM Security
 * API
 * Support
 * Forum
 * Provide Feedback
 * Make a Feature Request
 * FAQ
 * How to

 * What's new?
 * Service Status
 * Privacy
 * Terms
 * Invite
 * © 2014, 2022 IBM Security

 * Build 908

%INDEXSPAMHONEYPOT%

SEARCH

Search or submit a file to scan. Check for IOCs, keywords, malware intelligence,
or even Collections that other users have contributed.

Skip Tour Next