HackDig : Dig high-quality web security articles for hackers

Threat Hunting Techniques: A Quick Guide

Threat hunting is an essential part of security operations center services and should be incorporated at an early stage. Threat hunting is the art of finding the unknowns in the environment, going beyond traditional detection technologies, such as security information and event management (SIEM), endpoint detection and response (EDR) and others. There are m
Publish At:2020-08-05 10:35 | Read:50 | Comments:0 | Tags:Threat Hunting Advanced Threat Protection Advanced Threats C

Aviation Can Anticipate an Increase in State-Sponsored Activity

The combination of lockdown measures, travel restrictions and stalling demand brought on by COVID-19 has caused an unprecedented collapse in the global air transport industry. Facing a projected loss of $84.3 billion in revenue and 32 million aviation-related jobs worldwide, nations are scrambling to provide much-needed financial support to sustain domestic
Publish At:2020-07-28 17:26 | Read:70 | Comments:0 | Tags:Advanced Threats Threat Research X-Force IRIS Incident Respo

Become The Malware Analyst Series: Malicious Code Extraction and Deobfuscation

In this video, Senior Incident Response & Research Consultant Scott Nusbaum demonstrates a method to extract and deobfuscate code from a malicious document. Upon rendering the code readable, Nusbaum works to gain an understanding of the goals the malware was attempting to accomplish and the processes by which it undertook that effort. This video
Publish At:2020-07-07 09:43 | Read:87 | Comments:0 | Tags:Incident Response Incident Response & Forensics Malware Anal

Are You Looking for Ants or Termites?

Over the last several months, I’ve noticed something when discussing Incident Response (IR) with clients. There is often confusion between the expectation and reality concerning the end results of an IR investigation. My goal here is to clarify and set those expectations, and to show how Threat Hunting factors in. When TrustedSec gets called to conduct an
Publish At:2020-07-01 14:44 | Read:153 | Comments:0 | Tags:Incident Response Incident Response & Forensics Threat Hunti

Visibility and Threat Detection in a Remote Working World

At the outset of the COVID-19 pandemic, when governments around the world put stay-at-home orders in place, it was hard to imagine the state of work would permanently change. Yet, as organizations rapidly adopted and expanded systems to enable a remote workforce — which doubled in size in just three weeks — company cultures began shifting, too. As employees
Publish At:2020-06-24 11:06 | Read:176 | Comments:0 | Tags:CISO Endpoint Security Intelligence & Analytics Threat Hunti

A Game of Chess: Entropy and Patterns in Threat Intelligence

During a brainstorming discussion with a colleague on the value of entropy in machine learning models, specifically the models used in threat intelligence work, I mentioned that many of the threat intelligence models in use today seem to overemphasize the pattern recognition aspect of threat intelligence through the egregious use of algorithms. By contrast,
Publish At:2020-06-23 11:55 | Read:177 | Comments:0 | Tags:Artificial Intelligence Security Intelligence & Analytics Th

Adventures in Phishing Email Analysis

Opening: Phishing attacks are a daily threat to all organizations and unfortunately, they are one of the hardest threats to protect against. No matter how many defensive layers an organization has put in place following best practice defense-in-depth design, it only takes one (1) user to click on that malicious link or open that weaponized attached documen
Publish At:2020-06-18 10:09 | Read:210 | Comments:0 | Tags:Incident Response Incident Response & Forensics Penetration

The Journey to Simplicity: User Experience in Security

Keeping an organization secure is no easy task, especially with the explosion in cloud adoption and digital transformation against a backdrop of increasingly dangerous threats and threat actors. We can all recite the challenges that security teams struggle with — too many solutions, not enough people, not enough visibility. With the average organization dep
Publish At:2020-06-10 11:12 | Read:184 | Comments:0 | Tags:Security Intelligence & Analytics Threat Hunting Design Thin

SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT

Between late March and mid-April 2020, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a phishing campaign targeting small businesses that appears to originate from the U.S. Government Small Business Administration (SBA.gov). The emails, which contain subjects and attachments related to the need for small businesses to apply for disa
Publish At:2020-05-03 08:13 | Read:559 | Comments:0 | Tags:Government Malware Threat Hunting Credentials Theft Email IB

COVID-19’s Remote Workforce: Protect Your Rapidly Growing Attack Surface

As organizations adapt and respond to the impact of COVID-19, significant new challenges are on the rise as a majority of the workforce has shifted to remote work arrangements. Employee-owned devices and home networks that were not formerly protected by enterprise security controls have rapidly expanded many organizations’ attack surfaces. At the same
Publish At:2020-04-17 13:00 | Read:648 | Comments:0 | Tags:CISO Security Services Threat Hunting Threat Intelligence Co

Using Mystery Novel Techniques to Track Down Cyberthreats

How good are your sleuthing skills? Do you savor Agatha Christie novels and figure out who did it before the big reveal? If so, the skills you use to read a good detective novel may also help you discover the origins of cyberthreats. With serious threat hunting techniques (the kind taken directly from books and TV shows that solve a crime in 60 minutes or 30
Publish At:2020-03-18 09:23 | Read:520 | Comments:0 | Tags:Threat Hunting Cyberthreats Incident Response (IR) Incident

How a More Connected Approach Can Help With Threat Management

Threat management is a framework that is often used to evaluate and manage everything you can do to detect and respond to cyberthreats. It encompasses people, process and technology, and for effective threat management, all three should work together seamlessly. Of course, that’s easier said than done. When you look at just the technology piece of thre
Publish At:2020-03-06 11:10 | Read:650 | Comments:0 | Tags:Incident Response Risk Management Threat Hunting Threat Inte

Are our police forces equipped to deal with modern cybercrimes?

“You should have asked for the presence of a digital detective,” Karen said when I told her what happened at the police station. I had accompanied a neighbor, who is a small business owner, that had been hit with ransomware and wanted to file a report. After listening to his story, the police officer at the desk asked if my neighbor had a description of the
Publish At:2020-03-04 16:09 | Read:696 | Comments:0 | Tags:Opinion critical infracstructure cybercrime digital evidence

Artificial Intelligence (AI) and Security: A Match Made in the SOC

Change is constant in cybersecurity — continual, rapid, dynamic change. It’s impossible to maintain an effective defensive posture without constantly evolving. Security measures that worked in the past will not be effective today, and today’s security controls will not be effective tomorrow. Many factors contribute to this rapid pace of change. A
Publish At:2020-02-09 10:30 | Read:692 | Comments:0 | Tags:Artificial Intelligence Analysts Artificial Intelligence (AI

5 tips for building an effective security operations center (SOC)

Security is more than just tools and processes. It is also the people that develop and operate security systems. Creating systems in which security professionals can work efficiently and effectively with current technologies is key to keeping your data and networks secure. Many enterprise organizations understand this need and are attempting to meet it with
Publish At:2019-12-13 16:50 | Read:765 | Comments:0 | Tags:Business Endpoint Protection incident responder incident res
