HackDig : Dig high-quality web security articles for hackers

2021 X-Force Threat Intelligence Index Reveals Peril From Linux Malware, Spoofed Brands and COVID-19 Targeting

From the front lines of incident response engagements to managed security services, IBM Security X-Force observes attack trends firsthand, yielding insights into the cyber threat landscape. Every year, X-Force collates billions of data points to assess cybersecurity threats to our customers. This report — the X-Force Threat Intelligence Index 202
Publish At:2021-02-24 10:59 | Read:128 | Comments:0 | Tags:Advanced Threats Data Protection Government Healthcare Malwa

Essential Threat Intelligence: Importance of Fundamentals in Identifying IOCs

The supply chain attack that Trojanized a SolarWinds update to infect and spy on the IT management platform’s customer base continues to be analyzed. Early reports have called the methods highly sophisticated and the actors highly trained. We do know that IP addresses, a command and control server and a malicious product update file were used. While de
Publish At:2021-02-09 18:03 | Read:171 | Comments:0 | Tags:Business + Partners Threat Intelligence brightcloud threat i

Moving Threat Identification From Reactive to Predictive and Preventative

In a previous post, we focused on organizations’ characteristics, such as sector, geography, risk and impact, when discussing the pillars of building a threat identification program. Now, we move deeper into the concept and expand upon the threat identification process through example scenarios, helping translate the conceptual framework into daily pr
Publish At:2021-02-05 14:35 | Read:150 | Comments:0 | Tags:Healthcare Security Services Threat Intelligence Cyberthreat

School’s Out for Ransomware

When I was growing up, snow days (days off for inclement weather or heavy snowfall) weren’t uncommon. We’d get 24 hours or so of freedom, then mother nature would eventually step in and resolve the problem. But today’s kids are dealing with a new kind of snow day, one mother nature can’t help with — ransomware. Unlike a snow da
Publish At:2021-02-04 07:23 | Read:226 | Comments:0 | Tags:Cloud Security Incident Response Security Services Threat In

A Look at HTTP Parameter Pollution and How To Prevent It

With HTTP Parameter Pollution (HPP) attacks, threat actors can hide scripts and processes in URLs. First discovered in 1999, this technique can also allow threat actors to pollute the parameters in the URL and the request body. This could lead to behavior changes in the app, such as cross-site scripting, privilege changes or granting unwanted access. 
Publish At:2021-02-03 11:53 | Read:170 | Comments:0 | Tags:Data Protection Fraud Protection Software & App Vulnerabilit

How to Stop Shadow IT, Manage Access and Ensure Security with Cloud Applications

Today, the average enterprise uses over 2000 cloud applications and services, and we expect this number will continue to grow as more businesses realize the efficiency, flexibility and collaboration benefits these services bring. But the use of cloud-based applications also comes with a few caveats; for example, the apps themselves may pose potential securit
Publish At:2021-02-02 14:27 | Read:158 | Comments:0 | Tags:Business + Partners Threat Intelligence brightcloud threat i

Preparing a Client Environment for Threat Management

A key part of making any threat management program successful is ensuring it maps properly to the client’s needs. In the past, this has been challenging for many groups providing threat management to their internal teams. The challenge has largely been in making sure the proposed program and the suite of solutions find and call out the most pressing t
Publish At:2021-01-14 19:59 | Read:188 | Comments:0 | Tags:Threat Hunting Threat Intelligence Security Services Threat

Abusing cloud services to fly under the radar

tl;dr NCC Group and Fox-IT have been tracking a threat group with a wide set of interests, from intellectual property (IP) from victims in the semiconductors industry through to passenger data from the airline industry. In their intrusions they regularly abuse cloud services from Google and Microsoft to achieve their goals. NCC Group and Fox-IT observe
Publish At:2021-01-12 12:08 | Read:318 | Comments:0 | Tags:Blog Cobalt Strike Threat Intelligence Cloud

What is STRIDE and How Does It Anticipate Cyberattacks?

STRIDE threat modeling is an important tool in a security expert’s arsenal. Threat modeling provides security teams with a practical framework for dealing with a threat. For example, the STRIDE model offers a proven methodology of next steps. It can suggest what defenses to include, the likely attacker’s profile, likely attack vectors and the as
Publish At:2021-01-11 21:47 | Read:293 | Comments:0 | Tags:Cloud Security Threat Hunting Threat Intelligence threat mod

Update on Widespread Supply-Chain Compromise

SolarWinds has announced a cyberattack on its systems that compromised specific versions of the SolarWinds Orion Platform, a widely used network management tool. SolarWinds reports that this incident was likely the result of a highly sophisticated, targeted and manual supply chain attack by a nation state, but it has not, to date, independently verified the
Publish At:2020-12-16 21:47 | Read:421 | Comments:0 | Tags:Incident Response Network Threat Intelligence Government IBM

A Reminder to Stay Vigilant

This year has been a challenging one for organizations that faced data breaches, intrusions and ransomware attacks at the hands of cyber criminals and nation-state attackers. Cybersecurity firm FireEye announced on Dec. 8, 2020, that an adversary targeted and gained unauthorized access to its Red Team tools — an important call to every company to rema
Publish At:2020-12-09 18:11 | Read:294 | Comments:0 | Tags:Incident Response News Threat Intelligence Cybersecurity Dat

Building A Threat Identification Program to Better Manage Risk: The Key Pillars

Often, in the world of information security and risk management, the question facing threat intelligence teams is: amidst this sea of vulnerability disclosures, which ones matter the most to my organization? Which can impact us the most? And, how do I best explain threats to internal stakeholders in a way that helps minimize risk? Reducing risk through prope
Publish At:2020-10-29 15:28 | Read:551 | Comments:0 | Tags:Threat Intelligence Security Operations Center (SOC)

Threat Analysis: How the Rapid Evolution of Reporting Can Change Security

With the advancements in data reporting gleaned from security information and event management (SIEM) tools and adjacent solutions, every security team today can face information overload and paralysis. To gain clarity within this murk, the practice of threat analysis has emerged and continues to evolve with time. With it, security professionals can fi
Publish At:2020-10-29 15:28 | Read:560 | Comments:0 | Tags:Security Intelligence & Analytics Threat Hunting Threat Inte

Reaching Strategic Outcomes With A Managed Detection and Response Service Provider: Part 1

This is the first in a five-part blog series on Managed Detection and Response as it drives strategic security outcomes for businesses. If there’s one thing the past decade has shown us, it’s that change happens faster than expected. Looking across the modern enterprise, we’ve seen applications become more modular and containerized and dat
Publish At:2020-10-29 03:46 | Read:564 | Comments:0 | Tags:Security Intelligence & Analytics Security Services Threat I

Are Bug Bounty Programs Worth It?

Bug bounty programs are on the rise, and participating security researchers earned big bucks as a result. According to a report released by HackerOne in February 2020, hackers had collectively earned approximately $40 million from those programs in 2019. This amount is nearly equal to the bounty totals hackers received for all preceding years combined. In
Publish At:2020-10-12 10:28 | Read:476 | Comments:0 | Tags:Risk Management Threat Hunting Threat Intelligence Bug Bount
