HackDig : Dig high-quality web security articles for hacker

What Do Avocados and Threat Intelligence Have in Common?

Full disclosure: I would not eat guacamole for years because a certain puppet-centric movie I saw as a child had me convinced that it was actually made of frog brains. Once in college, however, seeing guacamole being made completely changed my opinion — unlike a sausage-making demonstration in a rather unfortunate public speaking class that same year of coll
Publish At:2017-09-13 08:20 | Read:196 | Comments:0 | Tags:Incident Response Threat Intelligence IBM X-Force Exchange I

All in a Spammer’s Workweek: Where Do the Busiest Spammers Work Around the Clock?

IBM X-Force Kassel is a research team that operates massive spam honeypots and monitoring, gleaning data from billions of unsolicited emails every year. With such large amounts of spam coming in, we can more easily map trends. We looked at one recently when analyzing the spammer’s workweek. Our goal in this analysis was to delve into six months of data
Publish At:2017-08-21 15:05 | Read:151 | Comments:0 | Tags:Advanced Threats Fraud Protection Threat Intelligence IBM X-

Stay Up to Date on Threat Intelligence With New X-Force Exchange Capabilities

As both a parent and a bit of a nerd, I have a lot of corny jokes in my arsenal that cover a wide range of topics including animals, food, science fiction and the like. One of my favorite jokes comes from my data science background: “I never metadata I didn’t like.” This joke has it all: wordplay, the spirit of a joke your uncle might tell
Publish At:2017-08-16 09:00 | Read:185 | Comments:0 | Tags:Threat Intelligence X-Force Research IBM X-Force Exchange IB

Where Are They Today? Cybercrime Trojans That No One Misses: Shifu Malware

This is the first installment in an ongoing series about banking malware that faded away in 2017. Cybercrime is a very dynamic threat landscape. With over 100 million malware strains tracked by AV-TEST in 2016, malware can be a dime a dozen. When it comes to the more organized cybercrime groups and sophisticated banking Trojan projects, malware families are
Publish At:2017-08-08 16:20 | Read:251 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Monitor Your Network for NotPetya in Real Time

The cyberthreat intelligence (CTI) community has not yet agreed on attribution for the threat actor behind the NotPetya malware, but it is actively investigating. The apparent objective of NotPetya is to destroy infected computers, not necessarily to hold data ransom. Hopefully, you have already invested in solid backups. But when it comes to further manag
Publish At:2017-07-19 08:05 | Read:305 | Comments:0 | Tags:Security Intelligence & Analytics IBM QRadar Security Intell

TrickBot Habla Español: Trojan Widens Its Attack Scope in Spain, Brings Redirection Attacks to Local Banks

The TrickBot Trojan has been steadily ramping up its activity this year, going into a rather intensive period of updates and attacks that started in Q2 2017. From the looks of it, TrickBot’s operators have been investing heavily into widening the scope of their attacks and are preparing redirection attacks against banks in 19 different countries. After
Publish At:2017-07-19 08:05 | Read:297 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

A ‘Wiper’ in Ransomware Clothing: Global Attacks Intended for Destruction Versus Financial Gain

Co-authored by Steve Stone After finalizing initial analysis, IBM X-Force Incident Response and Intelligence Services (IRIS) concluded that the Petya variant attacks that started on Tuesday, June 27, were intended as destructive attacks against Ukraine, rather than a means for cybercriminals to make money from ransom payouts. In other words, this attack was
Publish At:2017-06-30 03:45 | Read:365 | Comments:0 | Tags:Malware Advanced Attacks Advanced Malware Advanced Threats I

Petya Weren’t Expecting This: Ransomware Takes Systems Hostage Across the Globe

Early on Tuesday, June 27, reports began to circulate that organizations in the Ukraine and elsewhere in Europe were suffering ransomware attacks. It quickly became clear that this Petya attack could equal or surpass the May WannaCry attack. WannaCry’s spread was so successful because it was powered by a flaw in Windows, and although Microsoft had rele
Publish At:2017-06-27 20:30 | Read:201 | Comments:0 | Tags:Malware Advanced Threats IBM Security IBM X-Force Exchange I

10 Ways to Fight Advanced Malware With Threat Intelligence Sharing

Last month, we celebrated the two-year anniversary of the IBM X-Force Exchange (XFE). During that week, the threat intelligence sharing platform reached a record spike in traffic as users flocked to the site to stay up to date on the recently exposed WannaCry ransomware. 10 Threat Intelligence Sharing Tips to Fight Cybercrime As the X-Force team populated th
Publish At:2017-06-12 12:10 | Read:257 | Comments:0 | Tags:Advanced Threats Malware Threat Intelligence IBM X-Force Exc

Not-So-Terrible Twos: IBM X-Force Exchange Celebrates Its Second Birthday

There are certain knowing glances that experienced parents give each other in the face of a public toddler meltdown. The sheer red-faced, quaking, loud explosion of the tantrum reminds us that 2-year-olds are entirely exasperating human beings and terrible roommates. But there is a new kind of 2-year-old on the scene now that is well-behaved, well-groomed
Publish At:2017-05-17 21:15 | Read:440 | Comments:0 | Tags:Threat Intelligence X-Force Research IBM X-Force Exchange IB

Lessons Learned From the WannaCry Ransomware Attack and Many Others That Preceded It

Dry Your Eyes: Lessons Learned From WannaCry If you’re reading this post, congratulations! You hopefully aren’t using one of the more than 200,000 computers that were hit by the first wave of the WannaCry ransomware attack. Those unfortunate victims are dealing with bigger problems right now, such as how to admit patients to their emergency rooms
Publish At:2017-05-17 21:15 | Read:622 | Comments:0 | Tags:Endpoint Incident Response Malware Security Intelligence & A

Apache Struts 2: A Zero-Day Quick Draw

Co-authored by Michelle Alvarez. During an outbreak of zero-day attacks, IBM X-Force needs to work fast to assess the threat to inform customers and others of the risk and offer steps to mitigate or resolve the issue. Once the dust settles, though, we like to circle back, review what happened and identify any notable trends. The attacks launched against the
Publish At:2017-05-16 08:25 | Read:824 | Comments:0 | Tags:Advanced Threats Software & App Vulnerabilities Threat Intel

TrickBot Is Hand-Picking Private Banks for Targets — With Redirection Attacks in Tow!

IBM X-Force research follows organized cybercrime and continually monitors the criminals’ targets and modus operandi. In a recent analysis of TrickBot campaigns in the U.K., Australia and Germany, I found that the operators of the infamous Trojan have been adding new redirection attacks focused on a list of brands that I had never seen in the past. Cur
Publish At:2017-04-27 19:35 | Read:935 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Surfing the Tsunami of Threat Data With Cognitive Security

Given today’s booming cybercrime landscape, there is a general feeling among IT professionals that no organization is safe. In fact, it’s probably safe to assume that everyone is under almost continuous attack. A data breach can result in stolen passwords, compromised personal information or even physical consequences such as hotel patrons being
Publish At:2017-04-19 09:05 | Read:585 | Comments:0 | Tags:Cognitive Security Intelligence & Analytics Cognitive Comput

Showcasing Threat Intelligence at IBM InterConnect

I am coming up on my third year of planning a topic track for IBM Security at the IBM InterConnect conference, and each year brings even more exciting content. This year, the introduction of Watson for Cyber Security adds yet another dimension to the usefulness and applicability of external threat intelligence. If you aren’t able to attend, fear not! T
Publish At:2017-03-09 17:45 | Read:572 | Comments:0 | Tags:Cognitive Security Intelligence & Analytics Threat Intellige

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud