HackDig : Dig high-quality web security articles for hackers

Jackpotting Reveals Openings in Proprietary Software

Jackpotting, an older ATM theft technique, could show security operations team members what to look out for when it comes to Internet of things (IoT) attacks in general, and even election machine vulnerabilities.  This technique first entered the U.S. cybersecurity lexicon in 2018, when Brian Krebs warned of attacks at American ATMs. Jackpotting, Krebs
Publish At:2020-09-14 10:37 | Read:119 | Comments:0 | Tags:Advanced Threats Fraud Protection Malware ATM ATM Malware Ba

Under Attack: How Threat Actors are Exploiting SOCKS Proxies

From the basic building blocks of the internet to cryptocurrency mining on a supercomputer, SOCKS sits at the core of computing. A SOCKS proxy can be used to improve network security in an enterprise, but can also be exploited by cybercriminals for nefarious reasons. Take a look at how SOCKS proxies have been manipulated recently by threat actors. What is
Publish At:2020-09-03 16:34 | Read:186 | Comments:0 | Tags:Advanced Threats Network Security Intelligence & Analytics C

Threat Hunting Techniques: A Quick Guide

Threat hunting is an essential part of security operations center services and should be incorporated at an early stage. Threat hunting is the art of finding the unknowns in the environment, going beyond traditional detection technologies, such as security information and event management (SIEM), endpoint detection and response (EDR) and others. There are m
Publish At:2020-08-05 10:35 | Read:150 | Comments:0 | Tags:Threat Hunting Advanced Threat Protection Advanced Threats C

Build a Roadmap for Cyber Resilience

The current information security landscape is rapidly evolving. According to the latest research from IBM Security and the Ponemon Institute’s 2020 Cyber Resilient Organization Report, 67% of organizations reported that the volume of attacks had significantly increased over the past 12 months. It’s not just the amount of attacks that grew; 64% o
Publish At:2020-08-03 08:33 | Read:266 | Comments:0 | Tags:CISO Data Protection Endpoint Advanced Attacks Advanced Thre

DDoS Attacks Increase in Size, Frequency and Duration

Distributed denial of service (DDoS) attacks are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019, plus an 80% jump compared with the same quarter last year. Kaspersky also found that DDoS cyberattacks are increasing in duration. Average attack
Publish At:2020-07-30 19:37 | Read:282 | Comments:0 | Tags:Advanced Threats Application Security Cloud Security Data Pr

Aviation Can Anticipate an Increase in State-Sponsored Activity

The combination of lockdown measures, travel restrictions and stalling demand brought on by COVID-19 has caused an unprecedented collapse in the global air transport industry. Facing a projected loss of $84.3 billion in revenue and 32 million aviation-related jobs worldwide, nations are scrambling to provide much-needed financial support to sustain domestic
Publish At:2020-07-28 17:26 | Read:229 | Comments:0 | Tags:Advanced Threats Threat Research X-Force IRIS Incident Respo

Darknet Cybersecurity: How Finance Institutions Can Defend Themselves

Financial firms continue to move to digital-first deployments, as retail branches close, and people shift to remote work. This shift makes understanding and preventing even common darknet, or dark web, threats a priority. Financial cybersecurity investment institutions need to understand what the dark web is, provide their security teams with the tools to ex
Publish At:2020-07-28 17:26 | Read:323 | Comments:0 | Tags:Advanced Threats Data Protection Identity & Access Threat In

Securing Travel and Transportation Operations

Transportation networks are foundational to our modern way of life. The current restrictions on global movement and the corresponding reduction in demand for travel and transportation services, while profound, are temporary. Forecasting future demand and capacity requirements is nearly impossible. But, the travel and transportation industries are part of the
Publish At:2020-07-22 10:51 | Read:322 | Comments:0 | Tags:Incident Response Network Security Services Advanced Threat

Why Cyber Ranges Are Effective To Train Your Teams

Cyber ranges may be one of the most effective ways to train IT professionals in defending against cyber attacks. The virtual environments deliver simulated real-world attacks that test multiple dimensions and stakeholders within diverse environments. Cybersecurity teams can use cyber ranges to practice defending against simulated threats in immersive trainin
Publish At:2020-07-20 08:40 | Read:318 | Comments:0 | Tags:Advanced Threats Incident Response Cloud Security Cybersecur

#TwitterHack: Power, Privilege and Pandemic

On Wednesday, July 15, the Twitterverse was ablaze with what Twitter itself has described as a “coordinated social engineering attack” that was launched at around 4pm ET. The outcome of this breach was compromised Twitter accounts of many well-known people and organizations, including Jeff Bezos, Elon Musk, Bill Gates, former President Barack Obama, Joe Bide
Publish At:2020-07-17 14:07 | Read:249 | Comments:0 | Tags:Advanced Threats Security Services Chief Information Securit

New Research Exposes Iranian Threat Group Operations

IBM X-Force Incident Response Intelligence Services (IRIS) has uncovered rare details on the operations of the suspected Iranian threat group ITG18, which overlaps with Charming Kitten and Phosphorous. In the past few weeks, ITG18 has been associated with targeting of  pharmaceutical companies and the U.S. presidential campaigns. Now, due to operational erro
Publish At:2020-07-16 08:09 | Read:215 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence Threa

COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program

IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity shift over time. In February, cybercriminals were focusing on Asia, and we observed threat actors targeting potential victims in Japan with coronavirus-rel
Publish At:2020-07-07 11:48 | Read:250 | Comments:0 | Tags:Advanced Threats Threat Intelligence Threat Research X-Force

New Study Shows Consumers Could Be Vulnerable to COVID-19 Spam

Since the World Health Organization (WHO) declared the COVID-19 outbreak a pandemic on March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19-related spam, with lures ranging the full gamut of challenges and concerns facing individuals — from phishing emails impersonating the Small Business Administration (SBA) and the WHO to U.S.
Publish At:2020-05-03 08:13 | Read:504 | Comments:0 | Tags:Advanced Threats Banking & Financial Services Fraud Protecti

TA505 Continues to Infect Networks With SDBbot RAT

IBM X-Force Incident Response and Intelligence Services (IRIS) responds to security incidents around the globe. During analysis and comparison of malicious activity on enterprise networks, our team identified attacks likely linked to Hive0065, also known as TA505. We observed that Hive0065 continues to spread the SDBbot remote-access Trojan (RAT) alongside o
Publish At:2020-04-14 12:36 | Read:764 | Comments:0 | Tags:Advanced Threats Incident Response Command-and-Control (C&C)

ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework

The past two years have borne witness to the increasing collaboration between organized cybercrime groups to avoid duplication of efforts and maximize profits. Although this collaboration has primarily occurred between gangs developing and distributing well-known banking Trojans, such as Emotet, TrickBot and IcedID, it does not stop there. In a new and dange
Publish At:2020-04-07 08:25 | Read:732 | Comments:0 | Tags:Advanced Threats Threat Intelligence Banking Trojan Collabor

Tools

Tag Cloud