HackDig : Dig high-quality web security articles for hacker

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making breaches, it’s becoming clear that the greatest risks to an organization might come down to a simple
Publish At:2017-09-21 19:15 | Read:123 | Comments:0 | Tags:Advanced Threats Cloud Security Data Protection Software & A

Network Attacks Containing Cryptocurrency CPU Mining Tools Grow Sixfold

Since we last reported on a version of the ELF Linux/Mirai malware containing cryptocurrency coin-mining tools in April, the IBM X-Force has noticed a steep increase in the volume of coin central processing unit (CPU) mining tools used in cyberattacks, specifically those targeting enterprise networks. According to IBM Managed Security Services (MSS) data,
Publish At:2017-09-19 12:00 | Read:61 | Comments:0 | Tags:Advanced Threats Security Services Threat Intelligence X-For

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

The IBM X-Force Vulnerability Database (XFDB), which holds over 100,000 publicly disclosed vulnerabilities, is chock-full of insights concerning the cybersecurity threat landscape. Much of the data is publicly available directly on the IBM X-Force Exchange platform and can be accessed by users anytime. In reviewing the database on an ongoing basis, the IBM
Publish At:2017-09-14 21:10 | Read:185 | Comments:0 | Tags:Advanced Threats Endpoint Threat Intelligence X-Force Resear

Brazilian Malware Client Maximus: Maximizing the Mayhem

In January 2017, IBM X-Force research reported the development of a new remote-access malware code targeting Brazilian banks. The malware, dubbed Client Maximus, was observed in ongoing campaigns and continues to target online banking users in the country. The development of Client Maximus, which is believed to be commercially available in Brazilian fraud an
Publish At:2017-09-12 13:50 | Read:129 | Comments:0 | Tags:Fraud Protection Malware Threat Intelligence Advanced Threat

Spotlight on Energy and Utilities Sector: Attacks Targeting ICS Systems Projected to Increase

There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nu
Publish At:2017-09-06 20:40 | Read:224 | Comments:0 | Tags:Advanced Threats Energy & Utility Threat Intelligence Energy

All in a Spammer’s Workweek: Where Do the Busiest Spammers Work Around the Clock?

IBM X-Force Kassel is a research team that operates massive spam honeypots and monitoring, gleaning data from billions of unsolicited emails every year. With such large amounts of spam coming in, we can more easily map trends. We looked at one recently when analyzing the spammer’s workweek. Our goal in this analysis was to delve into six months of data
Publish At:2017-08-21 15:05 | Read:138 | Comments:0 | Tags:Advanced Threats Fraud Protection Threat Intelligence IBM X-

A ‘Wiper’ in Ransomware Clothing: Global Attacks Intended for Destruction Versus Financial Gain

Co-authored by Steve Stone After finalizing initial analysis, IBM X-Force Incident Response and Intelligence Services (IRIS) concluded that the Petya variant attacks that started on Tuesday, June 27, were intended as destructive attacks against Ukraine, rather than a means for cybercriminals to make money from ransom payouts. In other words, this attack was
Publish At:2017-06-30 03:45 | Read:347 | Comments:0 | Tags:Malware Advanced Attacks Advanced Malware Advanced Threats I

Petya Weren’t Expecting This: Ransomware Takes Systems Hostage Across the Globe

Early on Tuesday, June 27, reports began to circulate that organizations in the Ukraine and elsewhere in Europe were suffering ransomware attacks. It quickly became clear that this Petya attack could equal or surpass the May WannaCry attack. WannaCry’s spread was so successful because it was powered by a flaw in Windows, and although Microsoft had rele
Publish At:2017-06-27 20:30 | Read:192 | Comments:0 | Tags:Malware Advanced Threats IBM Security IBM X-Force Exchange I

Cyber Solstice: IT Security Tasks to Tackle on the Longest Day of the Year

This week, we will experience the longest day of the year: June 21. For IT professionals, more daylight means more time to handle tasks on the back burner, start new projects or even — gasp — take a step back from the cybersecurity front lines. Here’s a look at some top contenders for security tasks worth tackling this summer solstice. Address New Thre
Publish At:2017-06-19 09:55 | Read:408 | Comments:0 | Tags:CISO Advanced Threats Chief Information Security Officer (CI

10 Ways to Fight Advanced Malware With Threat Intelligence Sharing

Last month, we celebrated the two-year anniversary of the IBM X-Force Exchange (XFE). During that week, the threat intelligence sharing platform reached a record spike in traffic as users flocked to the site to stay up to date on the recently exposed WannaCry ransomware. 10 Threat Intelligence Sharing Tips to Fight Cybercrime As the X-Force team populated th
Publish At:2017-06-12 12:10 | Read:244 | Comments:0 | Tags:Advanced Threats Malware Threat Intelligence IBM X-Force Exc

Manufacturing Security Incidents: Forty Percent Higher Than Cross-Industry Average in 2016

The manufacturing industry — including, but not limited to, automotive, electronics, food and beverage, textile and pharmaceutical companies — was the third most attacked sector in 2016, according to the 2017 IBM X-Force Threat Intelligence Index. In fact, the number of security incidents, which are attacks or security events reviewed by IBM security analyst
Publish At:2017-06-06 08:50 | Read:346 | Comments:0 | Tags:Advanced Threats Industries Threat Intelligence IBM X-Force

QakBot Banking Trojan Causes Massive Active Directory Lockouts

IBM X-Force Research recently observed a wave of malware-induced Active Directory (AD) lockouts across several incident response engagements. The lockouts caused hundreds to thousands of AD users to get locked out of their company’s domain in rapid succession, leaving employees of the impacted organizations unable to access their endpoints, company ser
Publish At:2017-06-03 00:15 | Read:1053 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence Banki

Unwrapping the Mystery: Did a Big, Slimy Internet Worm Make Hundreds of Organizations WannaCry?

Two weeks into the WannaCry aftermath, response teams are getting back to normal, organizations are re-evaluating their infrastructures, and even the bitcoin payments the fraudsters were collecting have almost stopped trickling in. It’s time now to look into the data to find clues about what made WannaCry spread so rapidly and with such a wide scope.
Publish At:2017-05-25 13:35 | Read:688 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence IBM X

Cybercrime Has Become a Commodity

Today’s cybercriminals have new options that make their malicious efforts easier than ever. Cyberattacks can be purchased in several forms, including as-a-service packages and simple downloads to be installed in rogue servers. While these may not be the most cutting-edge techniques, they can be effective in infiltrating systems that have not been suff
Publish At:2017-05-24 00:45 | Read:551 | Comments:0 | Tags:Fraud Protection Network Advanced Threats Cybercrime Cybercr

Apache Struts 2: A Zero-Day Quick Draw

Co-authored by Michelle Alvarez. During an outbreak of zero-day attacks, IBM X-Force needs to work fast to assess the threat to inform customers and others of the risk and offer steps to mitigate or resolve the issue. Once the dust settles, though, we like to circle back, review what happened and identify any notable trends. The attacks launched against the
Publish At:2017-05-16 08:25 | Read:794 | Comments:0 | Tags:Advanced Threats Software & App Vulnerabilities Threat Intel

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud