HackDig : Dig high-quality web security articles for hacker

How Relevance Scoring Can Make Your Threat Intelligence More Actionable

As businesses around the world become more global, the volume and complexity of attacks continue to grow. Protecting a company in today’s environment has become more difficult. For example, securing an organization with offices in London, Hong Kong and Santa Cruz represents a challenge of both scale and complexity for security analysts. In addition, th
Publish At:2020-04-02 09:30 | Read:113 | Comments:0 | Tags:Security Intelligence & Analytics Threat Intelligence Analys

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:188 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:213 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

4 Principles That Should Define Your Evolving Security Operations Model

I recently had the opportunity to speak at a security conference where I presented the operating models that an organization can embrace when managing cyberthreats and the guiding principles associated with them. It was a great chance to share some of my experiences with the greater community and foster intellectual curiosity around an increasingly important
Publish At:2020-03-20 09:20 | Read:204 | Comments:0 | Tags:CISO Risk Management Security Services Cloud Security Cybert

9 Best Practices from X-Force Red for Organizations and Employees

As employers rapidly respond to the need to protect their workforces from potential exposure and spread of the novel coronavirus, also known as COVID-19, many organizations are making the very difficult decision to pivot to a work-from-home model. This means employees will be connecting to corporate networks from whichever device is available: laptops, phone
Publish At:2020-03-18 16:57 | Read:211 | Comments:0 | Tags:Application Security CISO Data Protection Threat Intelligenc

EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan

In recent analysis of malicious activity likely targeting entities based in the Middle East, IBM X-Force Incident Response and Intelligence Services (IRIS) discovered backdoor malware packed with the legitimate Enigma Protector software. We named this malware “EnigmaSpark” per the Enigma Protector and the string “Spark4.2” from a .pdb
Publish At:2020-03-18 09:23 | Read:202 | Comments:0 | Tags:Advanced Threats Threat Intelligence Command-and-Control (C&

IBM X-Force Threat Intelligence Cybersecurity Brief: Novel Coronavirus (COVID-19)

Global events such as the novel coronavirus (COVID-19) make all of us attractive targets for cybersecurity criminals. Whether it’s phishing emails or new targeted scams, these tactics are meant to take advantage of citizens who are understandably concerned about their safety and health during this challenging time. COVID-19 email exploits can deliver damagin
Publish At:2020-03-17 18:13 | Read:221 | Comments:0 | Tags:Advanced Threats Threat Intelligence Threat Research IBM X-F

2020 Tax Fraud Trends: How to Protect Yourself at Home and Work

The tax season deadline in the U.S. is April 15, 2020, and that means scammers are officially on the prowl for unsuspecting tax fraud victims. Attackers are utilizing both time-tested and new techniques to collect tax information and personal data from victims and target individual and corporate accounts. No one is immune from tax season risks, and most of u
Publish At:2020-03-17 10:37 | Read:303 | Comments:0 | Tags:Fraud Protection Bank Fraud Email Fraud Fraud Schemes Identi

Player vs. Hacker: Cyberthreats to Gaming Companies and Gamers

The video gaming landscape has changed drastically over the past few decades. Some of these changes have led to considerable developments in the cyberthreat landscape as it applies to gaming companies, the games themselves and the user base that enjoys them. Integration of the cloud, mobile apps and social networks, the diversity of games and platforms, th
Publish At:2020-03-16 10:45 | Read:292 | Comments:0 | Tags:Application Security Software & App Vulnerabilities Threat I

Inadvertent Insider Threats Present a Unique Challenge to Organizations

According to the recent X-Force Threat Intelligence Index 2020, more than 8.5 billion records were exposed due to breaches in 2019, of which 86 percent were due to misconfigured assets. These issues affected only half of the records breached in 2018, and as the 2017 report stated, 70 percent of the 2.9 billion records lost that year were due to misconfigurat
Publish At:2020-03-13 11:46 | Read:375 | Comments:0 | Tags:CISO Cloud Security Cloud Cloud Services Cloud Services Prov

Evasion Techniques: User-Agent Blocking

<p><img src="https://info.phishlabs.com/hs-fs/hubfs/Evasion%20Techniques_%20User-Agent%20Blocking.png?width=300&amp;name=Evasion%20Techniques_%20User-Agent%20Blocking.png" alt="Evasion Techniques_ User-Agent Blocking" width="300" style="width: 300px; float: right; margin: 0px 0px 10px 10px;">Recently we highlighted one of the most common evas
Publish At:2020-03-12 17:50 | Read:310 | Comments:0 | Tags:Phishing Threat Intelligence Email Incident Response

PXJ Ransomware Campaign Identified by X-Force IRIS

Ransomware has become one of the most profitable types of malware in the hands of cybercriminals, with reported cybercrime losses tripling in the last five years, according to the FBI. A constant flow of new and reused code in this realm continues to flood both consumers and organizations who fight to prevent infections, respond to attacks and often resort t
Publish At:2020-03-12 09:13 | Read:239 | Comments:0 | Tags:Malware Threat Intelligence Cryptography Cybercrime Encrypti

Safeguarding Healthcare for the Future With Zero Trust Security

In 2019, we saw a record number of information security breaches. According to the IBM X-Force Threat Intelligence Index 2020, a total of 8.5 billion records were compromised — three times the number from 2018. The healthcare industry saw its fair share of attacks and was the 10th-most targeted industry, accounting for 3 percent of all attacks last year. Th
Publish At:2020-03-11 08:47 | Read:383 | Comments:0 | Tags:Healthcare Identity & Access Access Management Advanced Pers

How a More Connected Approach Can Help With Threat Management

Threat management is a framework that is often used to evaluate and manage everything you can do to detect and respond to cyberthreats. It encompasses people, process and technology, and for effective threat management, all three should work together seamlessly. Of course, that’s easier said than done. When you look at just the technology piece of thre
Publish At:2020-03-06 11:10 | Read:321 | Comments:0 | Tags:Incident Response Risk Management Threat Hunting Threat Inte

Embracing the Power of Community for Better Security

If you ask any business leader what their goals are for 2020, at some level you’re likely to hear “innovation.” Innovation is essential for competing in the global economy because it helps businesses stay relevant and teams work more efficiently. This need for constant improvement is incredibly clear in the security industry, where both bus
Publish At:2020-03-05 08:37 | Read:296 | Comments:0 | Tags:Cloud Security Collaboration Innovation Open Source Security

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud