Endpoint – Page 2 – WindowsTechs.com

The Needs of a Modernized SOC for Hybrid Cloud

Posted on April 24, 2023 by Chris Meenan

Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing […]

The post The Needs of a Modernized SOC for Hybrid Cloud appeared first on Security Intelligence.

Continue reading The Needs of a Modernized SOC for Hybrid Cloud→

X-Force Identifies Vulnerability in IoT Platform

Posted on April 5, 2023 by Katherine Bianco Vega

The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a […]

The post X-Force Identifies Vulnerability in IoT Platform appeared first on Security Intelligence.

Continue reading X-Force Identifies Vulnerability in IoT Platform→

X-Force Prevents Zero Day from Going Anywhere

Posted on March 30, 2023 by John Dwyer

This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The X-Force Vulnerability and Exploit Database shows that the number of zero days being released each year is on the rise, but X-Force has observed that only a few of these zero days are rapidly adopted by cyber criminals each year. While […]

The post X-Force Prevents Zero Day from Going Anywhere appeared first on Security Intelligence.

Continue reading X-Force Prevents Zero Day from Going Anywhere→

Why Endpoint Resilience Matters

Posted on March 30, 2023 by Torsten George

When establishing visibility and security controls across endpoints, security professionals need to understand that each endpoint bears some or all responsibility for its own security.
The post Why Endpoint Resilience Matters appeared first on Security… Continue reading Why Endpoint Resilience Matters→

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

Posted on March 21, 2023 by Valentina Palmiotti

‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption […]

The post Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours appeared first on Security Intelligence.

Continue reading Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours→

When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

Posted on March 20, 2023 by John Dwyer

In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as […]

The post When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule appeared first on Security Intelligence.

Continue reading When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule→

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space

Posted on February 24, 2023 by Moez Kamel

View Part 1, Introduction to New Space, and Part 2, Cybersecurity Threats in New Space, in this series. As we see in the previous article of this series discussing the cybersecurity threats in the New Space, space technology is advancing at an unprecedented rate — with new technologies being launched into orbit at an increasingly […]

The post Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space appeared first on Security Intelligence.

Continue reading Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space→

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Posted on February 22, 2023 by Mitch Mayne

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands […]

The post Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023 appeared first on Security Intelligence.

Continue reading Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023→

Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers

Posted on February 21, 2023 by Ruben Boonen

Overview In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers are using this technique to achieve their objectives. It is therefore important that we put […]

The post Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers appeared first on Security Intelligence.

Continue reading Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers→

Cybersecurity in the Next-Generation Space Age, Pt. 1: Introduction to New Space

Posted on February 8, 2023 by Moez Kamel

Working as a cybersecurity engineer for many years, and closely following the rapid evolution of the space ecosystem, I wholeheartedly believe that space systems today are targets of cyberattacks more than ever. The purpose of this article is to give you a glimpse of cybersecurity threats and challenges facing the New Space economy and ecosystem, […]

The post Cybersecurity in the Next-Generation Space Age, Pt. 1: Introduction to New Space appeared first on Security Intelligence.

Continue reading Cybersecurity in the Next-Generation Space Age, Pt. 1: Introduction to New Space→