HackDig : Dig high-quality web security articles

The Needs of a Modernized SOC for Hybrid Cloud

Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire c
Publish At:2023-04-24 11:12 | Read:629353 | Comments:0 | Tags:Intelligence & Analytics Artificial Intelligence CISO Endpoi

X-Force Identifies Vulnerability in IoT Platform

The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion a
Publish At:2023-04-05 15:10 | Read:403034 | Comments:0 | Tags:Application Security Endpoint Network Security Services Thre

X-Force Prevents Zero Day from Going Anywhere

This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The X-Force Vulnerability and Exploit Database shows that the number of zero days being released each year is on the rise, but X-Force has observed that only a few of these zero days are rapidly adopted by cyber criminals each year. While every zero day is important and
Publish At:2023-03-30 13:55 | Read:524181 | Comments:0 | Tags:Software Vulnerabilities Endpoint Incident Response Security

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This i
Publish At:2023-03-21 17:15 | Read:674238 | Comments:0 | Tags:Software Vulnerabilities Application Security Endpoint Threa

When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Wind
Publish At:2023-03-20 17:27 | Read:338577 | Comments:0 | Tags:Endpoint Incident Response Malware Threat Hunting Threat Res

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space

View Part 1, Introduction to New Space, and Part 2, Cybersecurity Threats in New Space, in this series. As we saw in the previous article of this series discussing the cybersecurity threats in the New Space, space technology is advancing at an unprecedented rate — with new technologies being launched into orbit at an increasingly rapid pace. The need
Publish At:2023-02-24 23:33 | Read:464320 | Comments:0 | Tags:Intelligence & Analytics Endpoint Identity & Access quantum

Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers

Overview In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers are using this technique to achieve their objectives. It is therefor
Publish At:2023-02-21 11:39 | Read:711936 | Comments:0 | Tags:Software Vulnerabilities Application Security Endpoint Secur

Cybersecurity in the Next-Generation Space Age, Pt. 1: Introduction to New Space

Working as a cybersecurity engineer for many years, and closely following the rapid evolution of the space ecosystem, I wholeheartedly believe that space systems today are targets of cyberattacks more than ever. The purpose of this article is to give you a glimpse of cybersecurity threats and challenges facing the New Space economy and ecosystem, with a foc
Publish At:2023-02-08 23:33 | Read:311489 | Comments:0 | Tags:Endpoint Security Services satellites Cybersecurity security

The Evolution of Antivirus Software to Face Modern Threats

Over the years, endpoint security has evolved from primitive antivirus software to more sophisticated next-generation platforms employing advanced technology and better endpoint detection and response. Because of the increased threat that modern cyberattacks pose, experts are exploring more elegant ways of keeping data safe from threats. Signatu
Publish At:2023-02-02 15:37 | Read:486377 | Comments:0 | Tags:Endpoint Risk Management managed detection and response (MDR

Contain Breaches and Gain Visibility With Microsegmentation

Organizations must grapple with challenges from various market forces. Digital transformation, cloud adoption, hybrid work environments and geopolitical and economic challenges all have a part to play. These forces have especially manifested in more significant security threats to expanding IT attack surfaces. Breach containment is essential, and zero
Publish At:2023-02-01 11:39 | Read:774146 | Comments:0 | Tags:Endpoint Risk Management Zero Trust Application Security Clo

Self-Checkout This Discord C2

This post was made possible through the contributions of James Kainth, Joseph Lozowski, and Philip Pedersen. In November 2022, during an incident investigation involving a self-checkout point-of-sale (POS) system in Europe, IBM Security X-Force identified a novel technique employed by an attacker to introduce a command and control (C2) channel
Publish At:2023-01-17 15:36 | Read:403467 | Comments:0 | Tags:Software Vulnerabilities Application Security Endpoint Incid

3 Reasons to Make EDR Part of Your Incident Response Plan

As threat actors grow in number, the frequency of attacks witnessed globally will continue to rise exponentially. The numerous cases headlining the news today demonstrate that no organization is immune from the risks of a breach. What is an Incident Response Plan? Incident response (IR) refers to an organization’s approach, processes and technologies
Publish At:2023-01-05 15:36 | Read:434142 | Comments:0 | Tags:Endpoint Incident Response endpoint detection endpoint detec

Deploying Security Automation to Your Endpoints

Globally, data is growing at an exponential rate. Due to factors like information explosion and the rising interconnectivity of endpoints, data growth will only become a more pressing issue. This enormous influx of data will invariably affect security teams. Faced with an enormous amount of data to sift through, analysts are feeling the crunch. Subsequently
Publish At:2022-11-29 11:36 | Read:489875 | Comments:0 | Tags:Endpoint IT cybersecurity alert fatigue Automation Endpoint

Effectively Enforce a Least Privilege Strategy

Every security officer wants to minimize their attack surface. One of the best ways to do this is by implementing a least privilege strategy. One report revealed that data breaches from insiders could cost as much as 20% of annual revenue. Also, at least one in three reported data breaches involve an insider. Over 78% of insider data breaches involve uninte
Publish At:2022-11-15 11:35 | Read:507352 | Comments:0 | Tags:Zero Trust Endpoint least privilege Privileged Access privil

Microsoft breach reveals some customer data

Microsoft customers find themselves in the middle of a data breach situation. The Microsoft Security Response Center blog reports that researchers reported a misconfigured Microsoft endpoint on September 24. This misconfiguration resulted in the possibility of “unauthenticated access to some business transaction data corresponding to interactions
Publish At:2022-10-21 02:44 | Read:585593 | Comments:0 | Tags:News Microsoft breach data exposed exposure endpoint
