HackDig : Dig high-quality web security articles

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity
Publish At:2022-08-02 13:09 | Read:309 | Comments:0 | Tags:Advanced Threats Application Security Security Services Thre

Security Obscurity Versus Ethical Hackers: Who’s Right?

Security breaches can lead to damage to a business’s finances, operations and reputation. What many companies might fear most is the latter: damage to their reputation. This may explain why 65% of organizations want to be seen as infallible, as per a recent HackerOne survey. Meanwhile, 64% maintain a culture of security through obscurity, and 38% aren
Publish At:2022-07-18 13:09 | Read:303 | Comments:0 | Tags:Risk Management Security Services Threat Hunting ethical hac

What Cybersecurity Teams Can Learn From the US Cyber Command’s ‘Hunt Forward’

After decades of playing defense, the United States government went on the offense in the past few years against global state-sponsored cyber attackers. U.S. Cyber Command conducted “hunt forward” operations recently in 16 countries, including in Ukraine, as part of a policy set in 2018.  This policy involves partnering with foreign countri
Publish At:2022-07-15 13:09 | Read:369 | Comments:0 | Tags:Threat Hunting Threat Intelligence ukraine cyber attacks eth

Digital Shadows Weaken Your Attack Surface

Every tweet, text, bank transaction, Google search and DoorDash order is part of your digital shadow. We all have one, and the contents of your shadow aren’t always private. For example, in April 2021 attackers leaked data containing the personal information of over 533 million Facebook users from 106 countries.  Sure, you might want your tw
Publish At:2022-06-28 13:08 | Read:449 | Comments:0 | Tags:Data Protection Security Services Threat Hunting attack surf

Black Basta Besting Your Network?

This post was written with contributions from Chris Caridi and Kat Weinberger. IBM Security X-Force has been tracking the activity of Black Basta, a new ransomware group that first appeared in April 2022. To date, this group has claimed attribution of 29 different victims across multiple industries using a double extortion strategy where the attackers not o
Publish At:2022-05-26 14:27 | Read:1034 | Comments:0 | Tags:Intelligence & Analytics Network Threat Hunting Threat Intel

Splunk SPL Queries for Detecting gMSA Attacks

Introduction: What is a group Managed Service Account (gMSA)? If your job is to break into networks, a gMSA can be a prime target for a path to escalate privileges, perform credential access, move laterally or even persist in a domain via a ‘golden’ opportunity. If you’re an enterprise defender, it’s something you need to lo
Publish At:2022-05-20 12:11 | Read:1207 | Comments:0 | Tags:Active Directory Security Review Incident Response Incident

How Dangerous Is the Cyber Attack Risk to Transportation?

If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and subway routes. The results could be terrible.  Between June of 2020 and June of 2021, the transportation industry witnessed a 186% increase in weekly ra
Publish At:2022-05-17 10:18 | Read:1670 | Comments:0 | Tags:Mainframe Risk Management Security Services Threat Hunting c

MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?

The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or as MITRE refers to them Tactics and Techniques, employed by threat actors. It offers annotated and curated details about those methods, and it provides the capability to visualize this data in use
Publish At:2022-05-11 14:16 | Read:1053 | Comments:0 | Tags:Intelligence & Analytics Security Services Threat Hunting MI

The Growing Danger of Data Exfiltration by Third-Party Web Scripts

The theft of personal or sensitive data is one of the biggest threats to online business. This danger, data exfiltration or data extrusion, comes from a wide variety of attack vectors. These include physical theft of devices, insider attacks within a corporate network and phishing, malware or third-party scripts. The risk for regular website users that a
Publish At:2022-05-06 10:09 | Read:1425 | Comments:0 | Tags:Data Protection Risk Management Threat Hunting web scripts d

What Are the Biggest Phishing Trends Today?

According to the 2022 X-Force Threat Intelligence Index, phishing was the most common way that cyber criminals got inside an organization. Typically, they do so to launch a much larger attack such as ransomware. The Index also found that phishing was used in 41% of the attacks that X-Force remediated in 2021. That’s a 33% increase from 2021.  One
Publish At:2022-04-28 10:09 | Read:1569 | Comments:0 | Tags:Data Protection Fraud Protection Identity & Access Incident

Building the CASE for the Vehicle Security Operations Center

This post was written with contributions from IBM Security’s Rob Dyson, Preston Futrell and Brett Drummond. Let’s explore a day in the life of a vehicle security operations center (VSOC). An autonomous vehicle is transporting passengers to their destination. Inside the vehicle, they are patiently waiting to arrive at their destination and, in th
Publish At:2022-04-21 18:01 | Read:1796 | Comments:0 | Tags:Risk Management Security Services Threat Hunting CASE Connec

What Online Gaming Cheats Teach Us About Cybersecurity

When you play a video game, you probably want to win, or at least show off real skill. Cheaters make it a lot less fun, according to a recent Irdeto Global Gaming Survey. It says 60% of all online video game players across the globe have had their gaming
Publish At:2022-04-12 10:09 | Read:1403 | Comments:0 | Tags:Risk Management Security Services Threat Hunting cybersecuri

CVE 2022-22965 (Spring4Shell) Vulnerability

On March 29, 2022, a security researcher with the handle p1n93r disclosed a Spring Framework remote code execution (RCE) vulnerability, which was archived by vx-underground. This vulnerability, known as Spring4Shell, affects applications that use JDK v9 or above that run Apache Tomcat as the Servlet Container in a WAR package and use dependencies of the sp
Publish At:2022-04-01 15:55 | Read:950 | Comments:0 | Tags:Incident Response Incident Response & Forensics Table-Top Ex

Simplifying Your Operational Threat Hunt Planning

Opening: Hopefully you all were able to read our recent Threat Hunting whitepaper and had the chance to listen to our latest Threat Hunting webinar. These references should be used as the foundation of information, which leads us into the next journey: how to build out your first Threat Hunt. Building out an organization’s Threat Hunting progra
Publish At:2022-03-30 11:59 | Read:730 | Comments:0 | Tags:Incident Response Incident Response & Forensics Malware Anal

TrustedSec Okta Breach Recommendations

TrustedSec’s Incident Response Team sent urgent communications to all IR retainer clients after the discovery of the compromise of Okta. Below are the recommendations provided with additional updates after reviewing more information on 03/23/2022. On March 22, 2022, the threat group LAPSUS$ announced a successful compromise of Okta, a heavily used i
Publish At:2022-03-23 15:55 | Read:2549 | Comments:0 | Tags:Incident Response Incident Response & Forensics Malware Anal
