HackDig : Dig high-quality web security articles for hacker

Game Over: Improving Your Cyber Analyst Workflow Through Gamification

Gamification — the process of applying game principles to real-life scenarios — is everywhere, from U.S. army recruitment to immersive cybersecurity training. Employee satisfaction and motivation can be fickle. In a job that requires both repetition and razor-sharp focus to pinpoint anomalies, it can be difficult to maintain an edge. This can lead to burnout
Publish At:2017-06-24 00:25 | Read:406 | Comments:0 | Tags:Incident Response Security Intelligence & Analytics IBM QRad

Know the Odds: The Cost of a Data Breach in 2017

We’ve all heard that when it comes to experiencing a data breach, the question is not if it will happen, but when. You may be wondering about the actual odds of it happening to your organization. Think about it this way: The chances of being struck by lightning this year are 1 in 960,000. When it comes to experiencing a data breach, according to the Po
Publish At:2017-06-20 22:45 | Read:625 | Comments:0 | Tags:Data Protection Incident Response Security Services Cost of

The Power of the Security Immune System

The most common cyberattacks tend to follow the same pattern: An employee receives a fraudulent email and unwittingly exploits a vulnerability upon opening a malicious attachment, exposing sensitive data. Of course, there are countless variations — an unknown vulnerability, encrypted or exfiltrated data, a malware-laden hyperlink — and each one could result
Publish At:2017-06-17 02:40 | Read:512 | Comments:0 | Tags:Data Protection Incident Response Security Intelligence & An

Using Network Insights to Stay One Step Ahead of Emerging Threats

While the world breathes a sigh of collective relief with the discovery of a kill switch that slowed down the WannaCry worm, significant risk remains. The website that activated the kill switch has come under attack, meaning that a new version of WannaCry without the weakness could easily be released. We need to remain vigilant. WannaCry has demonstrated its
Publish At:2017-06-07 21:40 | Read:432 | Comments:0 | Tags:Incident Response Network Risk Management Incident Response

QakBot Banking Trojan Causes Massive Active Directory Lockouts

IBM X-Force Research recently observed a wave of malware-induced Active Directory (AD) lockouts across several incident response engagements. The lockouts caused hundreds to thousands of AD users to get locked out of their company’s domain in rapid succession, leaving employees of the impacted organizations unable to access their endpoints, company ser
Publish At:2017-06-03 00:15 | Read:1080 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence Banki

Security in Dog Years, Malware Analysis in Minutes

A few weeks ago, the security community had its security blanket ripped firmly away as the WannaCry ransomware ripped through hospitals, rail systems, telecommunication companies and more as it made its way around the globe. While the dust settles and researchers figure out the initial infection vector and develop recommendations for preventing future inci
Publish At:2017-06-01 11:15 | Read:605 | Comments:0 | Tags:Incident Response Malware Threat Intelligence Advanced Malwa

When a Cyber Crisis Hits, Know Your OODA Loops

In the months since we began simulating full-scale cyberattacks for customers at our IBM X-Force Command Center in Cambridge, Massachusetts, I’ve watched a steady stream of corporate security teams confront the hair-raising experience of a simulated cyberattack. The Command Center recreates the whole crisis from start to finish, featuring a controlled,
Publish At:2017-05-30 22:30 | Read:401 | Comments:0 | Tags:CISO Incident Response X-Force Research Chief Information Se

Incident Response: Planning for the Attack Before It Happens

By now, you’ve no doubt heard of WannaCry, the ransomware attack that impacted over 300,000 victims in more than 100 countries over the past 10 days. While we’ve all focused on effective patching strategies to prevent further infection, an important part of the discussion is how to plan for a successful incident response (IR) to ransomware and o
Publish At:2017-05-25 13:35 | Read:428 | Comments:0 | Tags:Incident Response X-Force Research IBM IBM Security IBM X-Fo

Unwrapping the Mystery: Did a Big, Slimy Internet Worm Make Hundreds of Organizations WannaCry?

Two weeks into the WannaCry aftermath, response teams are getting back to normal, organizations are re-evaluating their infrastructures, and even the bitcoin payments the fraudsters were collecting have almost stopped trickling in. It’s time now to look into the data to find clues about what made WannaCry spread so rapidly and with such a wide scope.
Publish At:2017-05-25 13:35 | Read:728 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence IBM X

Blocking Bad: The Importance of Blocking and Virtual Patching

Last week, we discussed the importance of patch management and the complexity of keeping systems within your company up to date. Not only are organizations challenged by the necessity of patching, but they must also contend with specific change control processes that help keep the business running. When systems cannot be immediately patched, many companies t
Publish At:2017-05-23 06:20 | Read:736 | Comments:0 | Tags:Incident Response Network IBM Security QRadar Patch Manageme

Lessons Learned From the WannaCry Ransomware Attack and Many Others That Preceded It

Dry Your Eyes: Lessons Learned From WannaCry If you’re reading this post, congratulations! You hopefully aren’t using one of the more than 200,000 computers that were hit by the first wave of the WannaCry ransomware attack. Those unfortunate victims are dealing with bigger problems right now, such as how to admit patients to their emergency rooms
Publish At:2017-05-17 21:15 | Read:641 | Comments:0 | Tags:Endpoint Incident Response Malware Security Intelligence & A

WannaCry Ransomware Spreads Across the Globe, Makes Organizations Wanna Cry About Microsoft Vulnerability

On Friday, May 12, 2017, the world was alarmed to discover that cybercrime had achieved a new record. In a widespread ransomware attack that hit organizations in more than 100 countries within the span of 48 hours, the operators of malware known as WannaCry/WanaCrypt0r 2.0 are believed to have caused the biggest attack of its kind ever recorded. Perhaps more
Publish At:2017-05-14 19:35 | Read:1114 | Comments:0 | Tags:Advanced Threats Fraud Protection Incident Response Malware

Five Whys: Lessons From the World of Incident Investigations

“If you do not ask the right question, you will not get the right answer.” — Olivier Serrat, “The Five Whys Technique“ In the 21st century, cybersecurity is paramount to an organization’s survival. Yet many organizations have managed to get by with poor cybersecurity practices, which then only serves to reinforce the illusion th
Publish At:2017-05-08 22:00 | Read:489 | Comments:0 | Tags:CISO Incident Response Risk Management Analysis Incident Res

FIRST TC Amsterdam 2017 Wrap-Up

Here is my quick wrap-up of the FIRST Technical Colloquium hosted by Cisco in Amsterdam. This is my first participation to a FIRST event. FIRST is an organization helping in incident response as stated on their website: FIRST is a premier organization and recognized global leader in incident response. Membership in FIRST enables incident response teams to mo
Publish At:2017-04-26 15:50 | Read:567 | Comments:0 | Tags:Event Incident Management Security Amsterdan FIRST Incident

Virtualization-Based Security…Bromium 4.0 Takes Isolation Mainstream

We’ve been working hard to get ready for the long anticipated launch of Bromium Secure Platform 4.0. Many of our customers, 35 to be exact, have already had the opportunity to test the release candidates and give feedback. Register now for the upcoming webinar on April 27 to learn more about what’s in the new release of Bromium Secure Platform. Virtualizat
Publish At:2017-04-16 13:05 | Read:475 | Comments:0 | Tags:Company News 4.0 attacks blacklisting blocking Bromium Secur


Share high-quality web security related articles with you:)


Tag Cloud