Intelligence Pivoting Allows You to Build a Broader Picture and is Pivotal to Detection and ResponsePivot. It’s a word we’re hearing more frequently since the pandemic and I find it interesting for its dual meaning. One on the one hand it means “turn.” Schools are pivoting to online learning. Businesses are pivoting to a remote workforce. Retailers are pivot
A relatively new player in the threat arena, the Mozi botnet, has spiked among Internet of things (IoT) devices, IBM X-Force has discovered.
This malware has been active since late 2019 and has code overlap with Mirai and its variants. Mozi accounted for nearly 90% of the observed IoT network traffic from October 2019 through June 2020.
This startling takeo
A joint cybersecurity advisory released on September 1st detailed technical methods for uncovering and responding to malicious activity including best practice mitigations and common missteps. A collaborative effort, this advisory (coded AA20-245A) is the product of research from the cybersecurity organizations of five nations. Those include the United State
A team at Temple University in Philadelphia has been tracking worldwide ransomware attacks on critical infrastructure, and anyone can request access to the data.Work on this project, described as a repository of critical infrastructure ransomware attacks (CIRWA), started in September 2019. As of August 2020, the database includes over 680 records of ransomwa
Data center and colocation services provider Equinix this week revealed that it was the victim of a ransomware attack.Headquartered in Redwood City, California, Equinix operates over 200 data centers across 25 countries around the world.The incident, which the data center giant disclosed earlier this week, has only impacted some of the company’s internal sys
A Healthy Sense of Self-Doubt Can Go a Long Way Towards Avoiding False NegativesWe’ve all worked with people who are overconfident and cocky. I used to work with one particularly egregious example of this personality type. He would routinely take indefensible positions, make grandiose statements, and even threaten consequences if others did not do what
Cybersecurity agencies in Australia, Canada, New Zealand, the United Kingdom, and the United States have published a joint advisory focusing on detecting malicious activity and incident response.Best practice incident response procedures, the report notes, start with the collection of artifacts, logs, and data, and their removal for further analysis, and con
Opener
The goal of this blog post is to provide an approach to analyzing a text-based phish link. I will primarily focus on the initial steps to properly view the phish site from a non-mobile browser, provide OPSEC setup and browsing analysis recommendations, and conclude with defense measures to protect against such attacks.
Analysis Background
Whi
In a security operations center (SOC), your cybersecurity tools are only as good as the people using them and your SOC’s culture. What are the critical SOC roles? What qualities should you look for when hiring for them? And, what should you expect from a cybersecurity career?
Learn more about why IBM was selected as a Global and European Leader in Man
Lack of Clarity in the Threat Intelligence Space is Causing ConfusionThe threat intelligence landscape has vastly changed over the years. While the term was originally used to refer to malware Indicators of Compromise (IOC) - lists of known malware signatures and the servers those malware communicate with, a method to identify infected devices within corpora
The failed attempt by Russian hackers to recruit an employee to install malware onto an enterprise network was targeting electric car maker Tesla, a tweet from Elon Musk confirms.The scheme was publicly detailed earlier this week, when the U.S. Department of Justice announced the arrest of Egor Igorevich Kriuchkov, 27, of Russia, who offered $1 million to an
New Zealand's spy agency has been brought in to help fight back against cyberattacks that crippled the country's stock exchange for a fourth straight day on Friday.Finance Minister Grant Robertson said the Government Communications Security Bureau (GCSB) intelligence agency had joined efforts to contain the threat, which market operator NZX claimed was forei
Palo Alto Networks (NYSE: PANW) announced on Monday that it has agreed to acquire incident response and digital forensics consulting firm The Crypsis Group.Under the terms of the agreement, Palo Alto Networks will pay $265 million in cash, subject to adjustment, to acquire Crypsis.“The addition of The Crypsis Group's security consulting and forensics capabil
The University of Utah on Thursday revealed that it paid approximately $457,000 to ransomware operators after servers in its College of Social and Behavioral Science (CSBS) were compromised.The attack occurred on July 19, 2020, and resulted in the CSBS servers becoming temporarily inaccessible. Roughly .02% of the data stored on those servers was affected du
The U.S. Department of Justice announced on Thursday that former Uber chief security officer Joe Sullivan has been charged over his alleged role in the cover-up of the 2016 data breach that resulted in the information of millions of Uber drivers and users getting stolen by hackers.Sullivan has been charged with obstruction of justice and misprision of a felo