HackDig : Dig high-quality web security articles for hackers

What’s New in the 2020 Cost of a Data Breach Report

In a world of uncertainty and change, it’s a comfort that some things are consistent year after year. Now in its 15th year, the annual Cost of a Data Breach Report, with research by the Ponemon Institute and published by IBM Security, continues to provide a detailed view of the financial impacts security incidents can have on organizations, with histo
Publish At:2020-07-29 08:52 | Read:101 | Comments:0 | Tags:Data Protection Threat Intelligence Threat Research Cost of

Aviation Can Anticipate an Increase in State-Sponsored Activity

The combination of lockdown measures, travel restrictions and stalling demand brought on by COVID-19 has caused an unprecedented collapse in the global air transport industry. Facing a projected loss of $84.3 billion in revenue and 32 million aviation-related jobs worldwide, nations are scrambling to provide much-needed financial support to sustain domestic
Publish At:2020-07-28 17:26 | Read:85 | Comments:0 | Tags:Advanced Threats Threat Research X-Force IRIS Incident Respo

Darknet Cybersecurity: How Finance Institutions Can Defend Themselves

Financial firms continue to move to digital-first deployments, as retail branches close, and people shift to remote work. This shift makes understanding and preventing even common darknet, or dark web, threats a priority. Financial cybersecurity investment institutions need to understand what the dark web is, provide their security teams with the tools to ex
Publish At:2020-07-28 17:26 | Read:148 | Comments:0 | Tags:Advanced Threats Data Protection Identity & Access Threat In

New Research Exposes Iranian Threat Group Operations

IBM X-Force Incident Response Intelligence Services (IRIS) has uncovered rare details on the operations of the suspected Iranian threat group ITG18, which overlaps with Charming Kitten and Phosphorous. In the past few weeks, ITG18 has been associated with targeting of  pharmaceutical companies and the U.S. presidential campaigns. Now, due to operational erro
Publish At:2020-07-16 08:09 | Read:89 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence Threa

Deciphering Between Incident Management and Crisis Management

Cyber threats come in many forms and can severely impact business operations, brand reputation, financial standing and even lead to a lawsuit. Organizations must prepare to respond and manage cyber events at different organizational levels to limit their damage and accelerate recovery. Most businesses focus on incident management or crisis management to reac
Publish At:2020-07-16 08:09 | Read:117 | Comments:0 | Tags:Incident Response Threat Intelligence Threat Research X-Forc

COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program

IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity shift over time. In February, cybercriminals were focusing on Asia, and we observed threat actors targeting potential victims in Japan with coronavirus-rel
Publish At:2020-07-07 11:48 | Read:132 | Comments:0 | Tags:Advanced Threats Threat Intelligence Threat Research X-Force

A Game of Chess: Entropy and Patterns in Threat Intelligence

During a brainstorming discussion with a colleague on the value of entropy in machine learning models, specifically the models used in threat intelligence work, I mentioned that many of the threat intelligence models in use today seem to overemphasize the pattern recognition aspect of threat intelligence through the egregious use of algorithms. By contrast,
Publish At:2020-06-23 11:55 | Read:177 | Comments:0 | Tags:Artificial Intelligence Security Intelligence & Analytics Th

WastedLocker: A New Ransomware Variant Developed By The Evil Corp Group

Authors: Nikolaos Pantazopoulos, Stefano Antenucci (@Antelox) and Michael Sandee 1. Introduction WastedLocker is a new ransomware locker we’ve detected being used since May 2020. We believe it has been in development for a number of months prior to this and was started in conjunction with a number of other changes we have seen originate from the
Publish At:2020-06-23 09:25 | Read:192 | Comments:0 | Tags:Blog Cobalt Strike Threat Intelligence evilcorp ransomware w

Multifactor Authentication: The Next Battleground

X-Force Incident Response and Intelligence Services (IRIS) has responded to multiple security incidents where multifactor authentication (MFA) was not implemented—but where implementing MFA might have significantly reduced the impact of the incident. Such incidents have even included destructive malware attacks, resulting in millions of dollars in losses and
Publish At:2020-06-11 10:22 | Read:168 | Comments:0 | Tags:Identity & Access Threat Intelligence X-Force IRIS IBM X-For

How Threat Actors Are Adapting to the Cloud

With organizations increasingly moving to cloud environments, cloud security is more critical than ever. Cloud environments often hold large troves of valuable and sensitive data that can put organizations and their customers at risk if they are breached. At the same time, many organizations are still discovering best practices surrounding cloud security and
Publish At:2020-06-10 11:12 | Read:306 | Comments:0 | Tags:Cloud Security Threat Intelligence X-Force IRIS Cloud Cloud

Your Data, Their Devices: Accounting for Cybersecurity for Personal Computers

Reading Time: ~ 3 min. Nestled within our chapter on malware in the 2020 Webroot Threat Report is a comparison of infection rates between business and personal devices. The finding that personal devices are about twice as likely as business devices to become infected was always significant, if not surprising. But the advent of the novel coronavirus—a dev
Publish At:2020-06-09 10:06 | Read:211 | Comments:0 | Tags:Managed Service Providers cyber resilience threat intelligen

German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign

During the course of ongoing research on coronavirus-related cyber activity, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a COVID-19 related phishing campaign targeting a German multinational corporation (MNC), associated with a German government-private sector task force to procure personal protective equipment (Task Force Schutz
Publish At:2020-06-08 06:45 | Read:195 | Comments:0 | Tags:Incident Response Threat Intelligence Threat Research Phishi

In-depth analysis of the new Team9 malware family

Author: Nikolaos Pantazopoulos Co-author: Stefano Antenucci (@Antelox) And in close collaboration with NCC’s RIFT. 1. Introduction Publicly discovered in late April 2020, the Team9 malware family (also known as ‘Bazar [1]’) appears to be a new malware being developed by the group behind Trickbot. Even though the development of the malware appears to be
Publish At:2020-06-02 16:38 | Read:172 | Comments:0 | Tags:Threat Intelligence

Winning with Cyber Threat Intelligence: Taking a More Personal View

In this final article of our trilogy, we investigate how a cyber threat intelligence (CTI) analyst and associated programmes provide insight about physical and cyber threats to your organisation. The value of these insights is reflected in the wins, which come as a result of context building, holistic understanding, and enhanced awareness in order to outmano
Publish At:2020-05-24 09:53 | Read:203 | Comments:0 | Tags:Security Awareness Cyber Threats threat analysis threat inte

What the Data Is Telling Us About the Current Rise in Security Threats During the COVID-19 Pandemic

The current pandemic has shown us what humanity stands for: kindness, care, sharing, giving and all the great values that we have as a global community, especially in hard times. In these times of need, there are multiple initiatives that are being driven by individuals and organizations alike asking for help — both in kind and cash. And, as one would expect
Publish At:2020-05-24 06:18 | Read:249 | Comments:0 | Tags:Network Threat Research Cyberattacks Cybercriminals Identity

Tools

Tag Cloud