HackDig : Dig high-quality web security articles for hackers

Winning with Cyber Threat Intelligence: Taking a More Personal View

In this final article of our trilogy, we investigate how a cyber threat intelligence (CTI) analyst and associated programmes provide insight about physical and cyber threats to your organisation. The value of these insights is reflected in the wins, which come as a result of context building, holistic understanding, and enhanced awareness in order to outmano
Publish At:2020-05-24 09:53 | Read:89 | Comments:0 | Tags:Security Awareness Cyber Threats threat analysis threat inte

What the Data Is Telling Us About the Current Rise in Security Threats During the COVID-19 Pandemic

The current pandemic has shown us what humanity stands for: kindness, care, sharing, giving and all the great values that we have as a global community, especially in hard times. In these times of need, there are multiple initiatives that are being driven by individuals and organizations alike asking for help — both in kind and cash. And, as one would expect
Publish At:2020-05-24 06:18 | Read:39 | Comments:0 | Tags:Network Threat Research Cyberattacks Cybercriminals Identity

New Study Shows Consumers Could Be Vulnerable to COVID-19 Spam

Since the World Health Organization (WHO) declared the COVID-19 outbreak a pandemic on March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19-related spam, with lures ranging the full gamut of challenges and concerns facing individuals — from phishing emails impersonating the Small Business Administration (SBA) and the WHO to U.S.
Publish At:2020-05-03 08:13 | Read:206 | Comments:0 | Tags:Advanced Threats Banking & Financial Services Fraud Protecti

SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT

Between late March and mid-April 2020, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a phishing campaign targeting small businesses that appears to originate from the U.S. Government Small Business Administration (SBA.gov). The emails, which contain subjects and attachments related to the need for small businesses to apply for disa
Publish At:2020-05-03 08:13 | Read:334 | Comments:0 | Tags:Government Malware Threat Hunting Credentials Theft Email IB

TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam

IBM X-Force monitors billions of spam emails a year, mapping trending, malicious campaigns and their origins. Recent analysis from our spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor (DoL). The spam leverages the Family and Medical Leave Act (FMLA), w
Publish At:2020-05-03 08:13 | Read:319 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Fraud

Gain Visibility Into Operational Technology (OT) Environments With a Combined SOC

Operational technology (OT) encompasses many aspects of our world, including industrial control systems (ICS) that are used to control core operational processes. ICS technologies often control essential services such as water and power supply and are also used to monitor these services to prevent hazardous conditions. Manipulation of these systems and proce
Publish At:2020-05-03 08:13 | Read:238 | Comments:0 | Tags:Energy & Utility Security Intelligence & Analytics Security

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

IBM X-Force research recently analyzed a new Android banking Trojan that appears to be targeting users in countries that speak Spanish or Portuguese, namely Spain, Portugal, Brazil and other parts of Latin America. This Trojan, which was created atop an existing, simpler SMSstealer.BR, was supplemented with more elaborate overlay capabilities. That portion o
Publish At:2020-04-21 06:45 | Read:441 | Comments:0 | Tags:Malware Mobile Security Android Android Malware Banking Malw

COVID-19’s Remote Workforce: Protect Your Rapidly Growing Attack Surface

As organizations adapt and respond to the impact of COVID-19, significant new challenges are on the rise as a majority of the workforce has shifted to remote work arrangements. Employee-owned devices and home networks that were not formerly protected by enterprise security controls have rapidly expanded many organizations’ attack surfaces. At the same
Publish At:2020-04-17 13:00 | Read:423 | Comments:0 | Tags:CISO Security Services Threat Hunting Threat Intelligence Co

The Problem with HTTPS

Reading Time: ~ 3 min. Despite the intent of ensuring safe transit of information to and from a trusted website, encrypted protocols (usually HTTPS) do little to validate that the content of certified websites is safe. With the widespread usage of HTTPS protocols on major websites, network and security devices relying on interception of user traffic to ap
Publish At:2020-04-14 12:47 | Read:374 | Comments:0 | Tags:Business + Partners Threat Intelligence https threat intelli

TA505 Continues to Infect Networks With SDBbot RAT

IBM X-Force Incident Response and Intelligence Services (IRIS) responds to security incidents around the globe. During analysis and comparison of malicious activity on enterprise networks, our team identified attacks likely linked to Hive0065, also known as TA505. We observed that Hive0065 continues to spread the SDBbot remote-access Trojan (RAT) alongside o
Publish At:2020-04-14 12:36 | Read:428 | Comments:0 | Tags:Advanced Threats Incident Response Command-and-Control (C&C)

Phishers and iPhone Thieves Rolling Out Multimillion-Dollar Operations

IBM X-Force Incident Response and Intelligence Services (IRIS) researchers recently went down the rabbit hole of a physical iPhone theft that was followed by a SMiShing campaign designed to unlock the phone for resale on the black market. As we looked into what was behind the phish, we found a thriving and large-scale operation of over 600 phishing domains d
Publish At:2020-04-09 06:33 | Read:497 | Comments:0 | Tags:Mobile Security Threat Intelligence Apple Cloud Cloud Securi

ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework

The past two years have borne witness to the increasing collaboration between organized cybercrime groups to avoid duplication of efforts and maximize profits. Although this collaboration has primarily occurred between gangs developing and distributing well-known banking Trojans, such as Emotet, TrickBot and IcedID, it does not stop there. In a new and dange
Publish At:2020-04-07 08:25 | Read:446 | Comments:0 | Tags:Advanced Threats Threat Intelligence Banking Trojan Collabor

How Relevance Scoring Can Make Your Threat Intelligence More Actionable

As businesses around the world become more global, the volume and complexity of attacks continue to grow. Protecting a company in today’s environment has become more difficult. For example, securing an organization with offices in London, Hong Kong and Santa Cruz represents a challenge of both scale and complexity for security analysts. In addition, th
Publish At:2020-04-02 09:30 | Read:333 | Comments:0 | Tags:Security Intelligence & Analytics Threat Intelligence Analys

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:357 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:353 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud