Category Archives: Black Hat USA

Controlling the Source: Abusing Source Code Management Systems

Posted on by

For full details on this research, see the X-Force Red whitepaper “Controlling the Source: Abusing Source Code Management Systems”. This material is also being presented at Black Hat USA 2022. Source Code Management (SCM) systems play a vital role within organizations and have been an afterthought in terms of defenses compared to other critical enterprise […]

The post Controlling the Source: Abusing Source Code Management Systems appeared first on Security Intelligence.

Continue reading Controlling the Source: Abusing Source Code Management Systems

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

Posted on by

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on […]

The post Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program appeared first on Security Intelligence.

Continue reading Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group

Posted on by

This blog supplements a Black Hat USA 2021 talk given August 2021.  IBM Security X-Force threat intelligence researchers continue to track the infrastructure and activity of a suspected Iranian threat group ITG18. This group’s tactics, techniques and procedures(TTPs) overlap with groups known as Charming Kitten, Phosphorus and TA453. Since our initial report on the group’s training […]

The post ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group appeared first on Security Intelligence.

Continue reading ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group

Anitian Named Winner in Prestigious Black Unicorn Awards at Black Hat 2021

Posted on by

Cloud application security and compliance automation leader recognized as potential $1B cybersecurity unicorn by industry-leading judges. Link to release via PR Newswire BLACK HAT USA 2021 CONFERENCE, LAS VEGAS — August 2, 2021 — Anitian, the leading c… Continue reading Anitian Named Winner in Prestigious Black Unicorn Awards at Black Hat 2021

Everything Cybereason at the Black Hat 2021 Virtual Conference

Posted on by

The Cybereason team is excited to have you join us at Black Hat 2021 on August 4th from 8:30AM to 5PM PST, and on August 5th from 8:30AM to 4PM PST! Stop by the “virtual” Cybereason booth and automatically be entered to win a Sonos Roam Speaker an… Continue reading Everything Cybereason at the Black Hat 2021 Virtual Conference

Everything Cybereason at the Black Hat 2021 Virtual Conference

Posted on by

The Cybereason team is excited to have you join us at Black Hat 2021 on August 4th from 8:30AM to 5PM PST, and on August 5th from 8:30AM to 4PM PST! Stop by the “virtual” Cybereason booth and automatically be entered to win a Sonos Roam Speaker an… Continue reading Everything Cybereason at the Black Hat 2021 Virtual Conference

Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs

Posted on by

Researchers went into detail about the discovery and disclosure of 19 security flaws they found in Mercedes-Benz vehicles, which have all been fixed. Continue reading Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs

‘Lamphone’ Hack Uses Lightbulb Vibrations to Eavesdrop on Homes

Posted on by

A new hack allowed researchers to discern sound — including “Let it Be” by the Beatles, and audio from a Donald Trump speech — from lightbulb vibrations. Continue reading ‘Lamphone’ Hack Uses Lightbulb Vibrations to Eavesdrop on Homes