HackDig : Dig high-quality web security articles for hackers

The Crucial Component of Detection and Response: Intelligence Pivoting

Intelligence Pivoting Allows You to Build a Broader Picture and is Pivotal to Detection and Response. Pivot. It’s a word we’re hearing more frequently since the pandemic and I find it interesting for its dual meaning. On the one hand it means “turn.” Schools are pivoting to online learning. Businesses are pivoting to a remote workforce. Retailers are pivot
Publish At:2020-09-17 10:00 | Read:105 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response

A New Botnet Attack Just Mozied Into Town

A relatively new player in the threat arena, the Mozi botnet, has spiked among Internet of things (IoT) devices, IBM X-Force has discovered. This malware has been active since late 2019 and has code overlap with Mirai and its variants. Mozi accounted for nearly 90% of the observed IoT network traffic from October 2019 through June 2020. This startling takeo
Publish At:2020-09-17 09:00 | Read:80 | Comments:0 | Tags:Incident Response Malware Threat Research Botnets Internet o

Joint Cybersecurity Advisory on Threat Hunting and Incident Response Released

A joint cybersecurity advisory released on September 1st detailed technical methods for uncovering and responding to malicious activity including best practice mitigations and common missteps. A collaborative effort, this advisory (coded AA20-245A) is the product of research from the cybersecurity organizations of five nations. Those include the United State
Publish At:2020-09-15 01:50 | Read:104 | Comments:0 | Tags:Cyber Security advisory incident response threat security cy

University Project Tracks Ransomware Attacks on Critical Infrastructure

A team at Temple University in Philadelphia has been tracking worldwide ransomware attacks on critical infrastructure, and anyone can request access to the data. Work on this project, described as a repository of critical infrastructure ransomware attacks (CIRWA), started in September 2019. As of August 2020, the database includes over 680 records of ransomwa
Publish At:2020-09-12 10:35 | Read:167 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Vi

Data Center Provider Equinix Hit by Ransomware

Data center and colocation services provider Equinix this week revealed that it was the victim of a ransomware attack. Headquartered in Redwood City, California, Equinix operates over 200 data centers across 25 countries around the world. The incident, which the data center giant disclosed earlier this week, has only impacted some of the company’s internal sys
Publish At:2020-09-11 07:13 | Read:135 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Malware Cybercrime ran

How Self-Doubt Can Keep Your Security Team Sharp

A Healthy Sense of Self-Doubt Can Go a Long Way Towards Avoiding False Negatives. We’ve all worked with people who are overconfident and cocky. I used to work with one particularly egregious example of this personality type. He would routinely take indefensible positions, make grandiose statements, and even threaten consequences if others did not do what
Publish At:2020-09-09 12:12 | Read:113 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response security

Five Eyes Cybersecurity Agencies Release Incident Response Guidance

Cybersecurity agencies in Australia, Canada, New Zealand, the United Kingdom, and the United States have published a joint advisory focusing on detecting malicious activity and incident response. Best practice incident response procedures, the report notes, start with the collection of artifacts, logs, and data, and their removal for further analysis, and con
Publish At:2020-09-07 13:17 | Read:198 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Management & Strat

SMS Phish – An Incident Walkthrough

Opener The goal of this blog post is to provide an approach to analyzing a text-based phish link. I will primarily focus on the initial steps to properly view the phish site from a non-mobile browser, provide OPSEC setup and browsing analysis recommendations, and conclude with defense measures to protect against such attacks. Analysis Background Whi
Publish At:2020-09-03 14:29 | Read:297 | Comments:0 | Tags:Incident Response Incident Response & Forensics Threat Hunti

SOC 2.0: A Guide to Building a Strong Security Ops Team

In a security operations center (SOC), your cybersecurity tools are only as good as the people using them and your SOC’s culture. What are the critical SOC roles? What qualities should you look for when hiring for them? And, what should you expect from a cybersecurity career? Learn more about why IBM was selected as a Global and European Leader in Man
Publish At:2020-09-02 17:10 | Read:243 | Comments:0 | Tags:Incident Response Security Intelligence & Analytics Security

We Need Better Classification of Threat Intelligence

Lack of Clarity in the Threat Intelligence Space is Causing Confusion. The threat intelligence landscape has vastly changed over the years. While the term was originally used to refer to malware Indicators of Compromise (IOC) - lists of known malware signatures and the servers those malware communicate with, a method to identify infected devices within corpora
Publish At:2020-09-02 08:16 | Read:171 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response

Elon Musk Confirms Russian Hackers Attempted to Recruit Tesla Employee

The failed attempt by Russian hackers to recruit an employee to install malware onto an enterprise network was targeting electric car maker Tesla, a tweet from Elon Musk confirms. The scheme was publicly detailed earlier this week, when the U.S. Department of Justice announced the arrest of Egor Igorevich Kriuchkov, 27, of Russia, who offered $1 million to an
Publish At:2020-08-28 15:01 | Read:247 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Tracking & Law Enf

Spooks Called in as Cyberattacks Again Halt NZ Stock Exchange

New Zealand's spy agency has been brought in to help fight back against cyberattacks that crippled the country's stock exchange for a fourth straight day on Friday. Finance Minister Grant Robertson said the Government Communications Security Bureau (GCSB) intelligence agency had joined efforts to contain the threat, which market operator NZX claimed was forei
Publish At:2020-08-28 15:00 | Read:192 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Cy

Palo Alto Networks to Acquire Incident Response Firm The Crypsis Group for $265 Million

Palo Alto Networks (NYSE: PANW) announced on Monday that it has agreed to acquire incident response and digital forensics consulting firm The Crypsis Group. Under the terms of the agreement, Palo Alto Networks will pay $265 million in cash, subject to adjustment, to acquire Crypsis. “The addition of The Crypsis Group's security consulting and forensics capabil
Publish At:2020-08-24 17:09 | Read:203 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response

University of Utah Pays $457,000 to Ransomware Operators

The University of Utah on Thursday revealed that it paid approximately $457,000 to ransomware operators after servers in its College of Social and Behavioral Science (CSBS) were compromised. The attack occurred on July 19, 2020, and resulted in the CSBS servers becoming temporarily inaccessible. Roughly .02% of the data stored on those servers was affected du
Publish At:2020-08-21 07:19 | Read:247 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Ma

Former Uber CSO Charged Over 2016 Data Breach Cover-Up

The U.S. Department of Justice announced on Thursday that former Uber chief security officer Joe Sullivan has been charged over his alleged role in the cover-up of the 2016 data breach that resulted in the information of millions of Uber drivers and users getting stolen by hackers. Sullivan has been charged with obstruction of justice and misprision of a felo
Publish At:2020-08-21 06:45 | Read:162 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Tracking & Law Enf
