Collaborate Disseminate
Every tweet, text, bank transaction, Google search and DoorDash order is part of your digital shadow. We all have one, and the contents of your shadow aren’t always private. For example, in April 2021 attackers leaked data containing the personal information of over 533 million Facebook users from 106 countries. Sure, you might want your tweet […]
The post Digital Shadows Weaken Your Attack Surface appeared first on Security Intelligence.
Often, when you read about cybersecurity, the advice appears to be ‘one size fits all’. People recommend the same things, regardless of if the business is two people in a home office or a global group with 100,000 employees. In some ways, the underlying concepts of cybersecurity are the same for all companies. However, the […]
The post One Size Does Not Fit All Organizations appeared first on Security Intelligence.
When Liza Minnelli sang that famous tune, “Money makes the world go around,” she should have added one more word: time. Time makes the world go around. It’s that one agreed-upon part of life that the world shares. From laptops to phones to wall clocks to just about every other technology, time is everywhere, controlling […]
The post An Attack Against Time appeared first on Security Intelligence.
The DigiNotar attack in 2011 set itself apart because it was an attack on the cybersecurity industry itself. Most attacks are on a single company. But this one shook trust in cybersecurity tools and how users decide whom to trust online. After covering this industry for years, I’ve seen firsthand how cyber attacks don’t happen […]
The post How the 2011 DigiNotar Attacks Changed Cybersecurity for the Next Decade appeared first on Security Intelligence.
Continue reading How the 2011 DigiNotar Attacks Changed Cybersecurity for the Next Decade
Most organizations take what you might call an active approach to cybersecurity, They’re prepared to do certain things once an attack happens. Or, they take a reactive approach, taking action after an attack is completed. A proactive cybersecurity strategy is about acting before any attack occurs; it’s a good cybersecurity posture of readiness. Take a […]
The post What Is Proactive Cybersecurity? appeared first on Security Intelligence.
Ransomware actors are specializing, collaborating and assisting each other to conduct sophisticated attacks that are becoming increasingly difficult to prevent. Combating these groups effectively similarly requires a team approach — specialization, understanding tactics and techniques and how to counter them and cutting off activity at its source. Arguably, it has never been more imperative that […]
The post Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight appeared first on Security Intelligence.
The world of cyber insurance is in a state of flux. The reason: ransomware creates huge financial impacts. And how it will change insurance in the future is unclear. The insurance industry is struggling to develop cyber liability insurance offerings. Meanwhile, history is proving to be a poor guide to what comes next. Welcome to […]
The post How Ransomware Trends Are Changing Cyber Insurance appeared first on Security Intelligence.
Continue reading How Ransomware Trends Are Changing Cyber Insurance
Recently, X-Force Red released a tool called Windows Feature Hunter, which identifies targets for dynamic link library (DLL) side-loading on a Windows system using Frida. To provide a defensive counter-measure perspective for DLL side-loading, X-Force Incident Response has released SideLoaderHunter, which is a system profiling script and Sysmon configuration designed to identify evidence of side-loading […]
The post Hunting for Evidence of DLL Side-Loading With PowerShell and Sysmon appeared first on Security Intelligence.
Continue reading Hunting for Evidence of DLL Side-Loading With PowerShell and Sysmon
I’d wager few people had ever heard of Oldsmar, Florida, prior to 2021. That all changed in February when the city made headlines. The reason? An Internet of things (IoT) security incident moved into the physical world. A Tale of Lifted Lye Levels At 8 a.m. local time on February 5, 2021, an operator at […]
The post Poison in the Water: The Physical Repercussions of IoT Security Threats appeared first on Security Intelligence.
Continue reading Poison in the Water: The Physical Repercussions of IoT Security Threats
Gas shortages caused panic after the Colonial Pipeline attack two weeks ago. This highlights how digital attacks can break into the real world in a big way. Specifically, the Colonial Pipeline attack blends crypto-locking data with data exfiltration and extortion, as well as other threats to infrastructure. How did the attackers do it, and what […]
The post Your May 2021 Security Intelligence Roundup: The DarkSide Ransomware Attack, Better Zoom Meetings, and How To Secure OpTech appeared first on Security Intelligence.