A Look at HTTP Parameter Pollution and How To Prevent It

With HTTP Parameter Pollution (HPP) attacks, threat actors can hide scripts and processes in URLs. First discovered in 1999, this technique can also allow threat actors to pollute the parameters in the URL and the request body. This could lead to behavior changes in the app, such as cross-site scripting, privilege changes or granting unwanted […]

The post A Look at HTTP Parameter Pollution and How To Prevent It appeared first on Security Intelligence.

Continue reading A Look at HTTP Parameter Pollution and How To Prevent It

Defending the Oil and Gas Industry Against Cyber Threats

The oil and gas industry is one of the most powerful financial sectors in the world, critical to global and national economies. Therefore, this industry is a valuable target for adversaries seeking to exploit Industrial Control Systems (ICS) vulnerabilities. As the recent increase in attacks against ICS demonstrates, adversaries with a specific interest in oil and […]

The post Defending the Oil and Gas Industry Against Cyber Threats appeared first on Security Intelligence.

Continue reading Defending the Oil and Gas Industry Against Cyber Threats

Threat Hunting Techniques: A Quick Guide

Threat hunting is an essential part of security operations center services and should be incorporated at an early stage. Threat hunting is the art of finding the unknowns in the environment, going beyond traditional detection technologies, such as security information and event management (SIEM), endpoint detection and response (EDR) and others. There are multiple methods […]

The post Threat Hunting Techniques: A Quick Guide appeared first on Security Intelligence.

Continue reading Threat Hunting Techniques: A Quick Guide

Build a Roadmap for Cyber Resilience

The current information security landscape is rapidly evolving. According to the latest research from IBM Security and the Ponemon Institute’s 2020 Cyber Resilient Organization Report, 67% of organizations reported that the volume of attacks had significantly increased over the past 12 months. It’s not just the amount of attacks that grew; 64% of organizations also […]

The post Build a Roadmap for Cyber Resilience appeared first on Security Intelligence.

Continue reading Build a Roadmap for Cyber Resilience

Leveraging Open Source Can be Powerful for Cybersecurity

Security vendors and end users have access to the same technology and resources, if not more, than the threat actor community. However, the area where cybersecurity falls short as an industry is teamwork. Vendors and end users rarely talk to each other as a broader force. Thus, while innovation may happen for individual products, that […]

The post Leveraging Open Source Can be Powerful for Cybersecurity appeared first on Security Intelligence.

Continue reading Leveraging Open Source Can be Powerful for Cybersecurity

Securing Travel and Transportation Operations

Transportation networks are foundational to our modern way of life. The current restrictions on global movement and the corresponding reduction in demand for travel and transportation services, while profound, are temporary. Forecasting future demand and capacity requirements is nearly impossible. But, the travel and transportation industries are part of the country’s critical infrastructure. They will return […]

The post Securing Travel and Transportation Operations appeared first on Security Intelligence.

Continue reading Securing Travel and Transportation Operations

New Research Exposes Iranian Threat Group Operations

IBM X-Force Incident Response Intelligence Services (IRIS) has uncovered rare details on the operations of the suspected Iranian threat group ITG18, which overlaps with Charming Kitten and Phosphorous. In the past few weeks, ITG18 has been associated with targeting of  pharmaceutical companies and the U.S. presidential campaigns. Now, due to operational errors—a basic misconfiguration—by suspected […]

The post New Research Exposes Iranian Threat Group Operations appeared first on Security Intelligence.

Continue reading New Research Exposes Iranian Threat Group Operations

Download Guide — Advanced Threat Protection Beyond the AV

At a certain point, almost every organization reaches the conclusion that there is a need to move past just the standard AV and firewall stack in order to soundly protect their environment.

The common practice in recent years is to gain extra protecti… Continue reading Download Guide — Advanced Threat Protection Beyond the AV

What Is Threat Management? Common Challenges and Best Practices

Threat management is a framework often used by cybersecurity professionals to manage the life cycle of a threat in an effort to identify and respond to it with speed and accuracy.

The post What Is Threat Management? Common Challenges and Best Practices appeared first on Security Intelligence.

Continue reading What Is Threat Management? Common Challenges and Best Practices

Bitglass Security Spotlight: Vulnerability Found on TikTok Platform

Here are the top stories of recent weeks:

Security Vulnerability Found on TikTok Platform Jeopardized More Than One Billion Users
Cyber Attack Warning Issued to Businesses by Homeland Security
New Data Wiper Malware Compromises Bapco, a Leading Oil C… Continue reading Bitglass Security Spotlight: Vulnerability Found on TikTok Platform