HackDig : Dig high-quality web security articles for hackers

Preparing a Client Environment for Threat Management

A key part of making any threat management program successful is ensuring it maps properly to the client’s needs. In the past, this has been challenging for many groups providing threat management to their internal teams. The challenge has largely been in making sure the proposed program and the suite of solutions find and call out the most pressing t
Publish At:2021-01-14 19:59 | Read:80 | Comments:0 | Tags:Threat Hunting Threat Intelligence Security Services Threat

Abusing cloud services to fly under the radar

tl;dr NCC Group and Fox-IT have been tracking a threat group with a wide set of interests, from intellectual property (IP) from victims in the semiconductors industry through to passenger data from the airline industry. In their intrusions they regularly abuse cloud services from Google and Microsoft to achieve their goals. NCC Group and Fox-IT observe
Publish At:2021-01-12 12:08 | Read:120 | Comments:0 | Tags:Blog Cobalt Strike Threat Intelligence Cloud

What is STRIDE and How Does It Anticipate Cyberattacks?

STRIDE threat modeling is an important tool in a security expert’s arsenal. Threat modeling provides security teams with a practical framework for dealing with a threat. For example, the STRIDE model offers a proven methodology of next steps. It can suggest what defenses to include, the likely attacker’s profile, likely attack vectors and the as
Publish At:2021-01-11 21:47 | Read:133 | Comments:0 | Tags:Cloud Security Threat Hunting Threat Intelligence threat mod

Update on Widespread Supply-Chain Compromise

SolarWinds has announced a cyberattack on its systems that compromised specific versions of the SolarWinds Orion Platform, a widely used network management tool. SolarWinds reports that this incident was likely the result of a highly sophisticated, targeted and manual supply chain attack by a nation state, but it has not, to date, independently verified the
Publish At:2020-12-16 21:47 | Read:214 | Comments:0 | Tags:Incident Response Network Threat Intelligence Government IBM

A Reminder to Stay Vigilant

This year has been a challenging one for organizations that faced data breaches, intrusions and ransomware attacks at the hands of cyber criminals and nation-state attackers. Cybersecurity firm FireEye announced on Dec. 8, 2020, that an adversary targeted and gained unauthorized access to its Red Team tools — an important call to every company to rema
Publish At:2020-12-09 18:11 | Read:152 | Comments:0 | Tags:Incident Response News Threat Intelligence Cybersecurity Dat

Building A Threat Identification Program to Better Manage Risk: The Key Pillars

Often, in the world of information security and risk management, the question facing threat intelligence teams is amidst this sea of vulnerability disclosures, which ones matter the most to my organization? Which can impact us the most? And, how do I best explain threats to internal stakeholders in a way that helps minimize risk? Reducing risk through prope
Publish At:2020-10-29 15:28 | Read:404 | Comments:0 | Tags:Threat Intelligence Security Operations Center (SOC)

Threat Analysis: How the Rapid Evolution of Reporting Can Change Security

With the advancements in data reporting gleaned from security information and event management (SIEM) tools and adjacent solutions, every security team today can face information overload and paralysis. To gain clarity within this murk, the practice of threat analysis has emerged and continues to evolve with time. With it, security professionals can fi
Publish At:2020-10-29 15:28 | Read:440 | Comments:0 | Tags:Security Intelligence & Analytics Threat Hunting Threat Inte

Reaching Strategic Outcomes With A Managed Detection and Response Service Provider: Part 1

This is the first in a five-part blog series on Managed Detection and Response as it drives strategic security outcomes for businesses. If there’s one thing the past decade has shown us, it’s that change happens faster than expected. Looking across the modern enterprise, we’ve seen applications become more modular and containerized and dat
Publish At:2020-10-29 03:46 | Read:376 | Comments:0 | Tags:Security Intelligence & Analytics Security Services Threat I

Are Bug Bounty Programs Worth It?

Bug bounty programs are on the rise, and participating security researchers earned big bucks as a result. According to a report released by HackerOne in February 2020, hackers had collectively earned approximately $40 million from those programs in 2019. This amount is nearly equal to the bounty totals hackers received for all preceding years combined. In &
Publish At:2020-10-12 10:28 | Read:346 | Comments:0 | Tags:Risk Management Threat Hunting Threat Intelligence Bug Bount

Digital Risk Protection vs. Threat Intelligence

Digital Risk Protection (DRP) continues to gain momentum and attention among CISOs and security professionals. DRP, an operational security function once classified under Threat Intelligence (TI), has been elevated by the Gartner Hype Cycle and other analyst research as an emerging security function that security teams rely on to address multip
Publish At:2020-10-09 14:40 | Read:455 | Comments:0 | Tags:Threat Intelligence Digital Risk Protection DRP

How Cybersecurity Threat Intelligence Teams Spot Attacks Before They Start

A thorough cybersecurity threat intelligence team can turn a threat into a tool for future protection. Their job is to conduct background research on threat groups’ motivations and capabilities. This way, the intelligence team can be ready to protect an organization with even greater knowledge in the future. Strong cybersecurity threat intelligence ab
Publish At:2020-10-09 12:16 | Read:332 | Comments:0 | Tags:Security Intelligence & Analytics Threat Intelligence Cybers

Thinking Outside the Dox: What IT Security Can Learn From Doxing

Doxing is rightfully regarded as a dangerous threat, potentially exposing personal information where it shouldn’t be. But, defenses derived from doxing may strengthen corporate cybersecurity at scale. Doxing is the dark side to widespread data dispersal and discovery. Data is leveraged to harm individuals or organizations, often as retaliation f
Publish At:2020-10-06 10:10 | Read:364 | Comments:0 | Tags:Data Protection Threat Intelligence Data Data Breach Persona

Ransomware 2020: Attack Trends Affecting Organizations Worldwide

Ransomware is one of the most intractable — and common — threats facing organizations across all industries and geographies. And, incidents of ransomware attacks continue to rise. Meanwhile, ransomware threat actors are adjusting their attack model to adapt to improvements that organizations are making to recover from these attacks. As of Septem
Publish At:2020-09-30 12:45 | Read:387 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence IBM X

Key Considerations When Selecting a Web Classification Vendor

Reading Time: ~ 4 min. Since launching our web classification service in 2006, we’ve seen tremendous interest in our threat and web classification services, along with an evolution of the types and sizes of cybersecurity vendors and service providers looking to integrate this type of curated data into their product or service. Over the years, we’ve had the g
Publish At:2020-09-16 19:21 | Read:449 | Comments:0 | Tags:Business + Partners Threat Intelligence threat intelligence

Incident Response: 5 Steps to Prevent False Positives

False positive alerts in your threat intel platform can leave your team scrambling. It’s like driving to the wrong address. You reach a place, but also waste time you could have used at your intended destination. For security teams, knowing how to screen for false positives saves time and makes the team more efficient at addressing real threats. Learn
Publish At:2020-09-04 08:13 | Read:489 | Comments:0 | Tags:Threat Hunting Threat Intelligence Threat Research False Pos
