IBM X-Force Research – Page 9

The Hottest Cybersecurity Must-Reads for the Busy Security Practitioner

Posted on June 16, 2021 by Salina Wuttke

You’re busy. We get that. Let’s suppose you’re like most of your colleagues in security. In that case, it’s almost like Groundhog Day. It starts with chasing the latest threat and protecting your company or agency from attacks. It ends with you wondering where the last eight (or more) hours went. This leaves you little […]

The post The Hottest Cybersecurity Must-Reads for the Busy Security Practitioner appeared first on Security Intelligence.

Continue reading The Hottest Cybersecurity Must-Reads for the Busy Security Practitioner→

Hackers Launch Cyberattack via U.S. Aid Agency Email Accounts

Posted on May 28, 2021 by Nick Rossmann

Microsoft announced a Russian threat group (ITG05, aka Nobellium, APT28) also thought to be behind the SolarWinds attack conducted an email campaign masquerading as the U.S. Agency for International Development. Microsoft reports that while organizations in the United States received the largest share of attacks, targeted victims span at least 24 countries. The earlier campaign […]

The post Hackers Launch Cyberattack via U.S. Aid Agency Email Accounts appeared first on Security Intelligence.

Continue reading Hackers Launch Cyberattack via U.S. Aid Agency Email Accounts→

Everyone Wants to Build a Cyber Range: Should You?

Posted on May 27, 2021 by Matthew Dobbs

In the last few years, IBM X-Force has seen an unprecedented increase in requests to build cyber ranges. By cyber ranges, we mean facilities or online spaces that enable team training and exercises of cyberattack responses. Companies understand the need to drill their plans based on real-world conditions and using real tools, attacks and procedures. […]

The post Everyone Wants to Build a Cyber Range: Should You? appeared first on Security Intelligence.

Continue reading Everyone Wants to Build a Cyber Range: Should You?→

Applying the Invisibility Cloak: Obfuscate C# Tools to Evade Signature-Based Detection

Posted on May 25, 2021 by Brett Hawkins

This is the first in a new series from our offensive security experts at X-Force Red sharing research, resources and recommendations to help you harden your defenses and protect your most important assets. Attackers and offensive security professionals have been migrating from PowerShell to C# for post-exploitation toolkits due to advances in security product configurations […]

The post Applying the Invisibility Cloak: Obfuscate C# Tools to Evade Signature-Based Detection appeared first on Security Intelligence.

Continue reading Applying the Invisibility Cloak: Obfuscate C# Tools to Evade Signature-Based Detection→

Don’t Make Headlines Over an Insider Incident: Lessons From the Frontlines

Posted on May 4, 2021 by Chris Caridi

On the path to becoming more cyber secure, organizations across the globe spend an estimated $60 billion per year to defend their assets, recruit talent and work to prevent and respond to cyberattacks. Moreover, security spending is expected to rise another 10% in 2021. But while much of an organization’s security focus and spending is […]

The post Don’t Make Headlines Over an Insider Incident: Lessons From the Frontlines appeared first on Security Intelligence.

Continue reading Don’t Make Headlines Over an Insider Incident: Lessons From the Frontlines→

3 Ransomware Threats in 2021 and How to Protect Against Them

Posted on April 30, 2021 by Jennifer Gregory

I’m sure I’m not the only one who expected the world to magically get back to normal — whatever that is — when the ball dropped on 2021. After seeing a rise in threats last year, no more ransomware, or at least fewer attacks, was on my very long wish list for a wonderful new […]

The post 3 Ransomware Threats in 2021 and How to Protect Against Them appeared first on Security Intelligence.

Continue reading 3 Ransomware Threats in 2021 and How to Protect Against Them→

How Cybersecurity Threat Intelligence Teams Spot Attacks Before They Start

Posted on October 9, 2020 by Camille Singleton

A thorough cybersecurity threat intelligence team can turn a threat into a tool for future protection. Their job is to conduct background research on threat groups’ motivations and capabilities. This way, the intelligence team can be ready to protect an organization with even greater knowledge in the future. Strong cybersecurity threat intelligence about who attackers […]

The post How Cybersecurity Threat Intelligence Teams Spot Attacks Before They Start appeared first on Security Intelligence.

Continue reading How Cybersecurity Threat Intelligence Teams Spot Attacks Before They Start→

Ransomware 2020: Attack Trends Affecting Organizations Worldwide

Posted on September 28, 2020 by Camille Singleton

Ransomware is one of the most intractable — and common — threats facing organizations across all industries and geographies. And, incidents of ransomware attacks continue to rise. Meanwhile, ransomware threat actors are adjusting their attack model to adapt to improvements that organizations are making to recover from these attacks. As of September 2020, one in […]

The post Ransomware 2020: Attack Trends Affecting Organizations Worldwide appeared first on Security Intelligence.

Continue reading Ransomware 2020: Attack Trends Affecting Organizations Worldwide→

New Vulnerability Could Put IoT Devices at Risk

Posted on August 19, 2020 by Adam Laurie

Society relies so heavily on technology that the number of internet connected devices used globally is predicted to grow to 55.9 billion by 2025. Many of these devices span parts of Industrial Control Systems (ICS) that impact the physical world, assist us in our daily lives at home and monitor and automate everything from energy […]

The post New Vulnerability Could Put IoT Devices at Risk appeared first on Security Intelligence.

Continue reading New Vulnerability Could Put IoT Devices at Risk→

New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud

Posted on August 17, 2020 by Charles Henderson

X-Force Red is unveiling a new research study, conducted by the Ponemon Institute, that highlights vulnerability management challenges for on-premises and cloud environments: in other words, hybrid multicloud. The report, “The State of Vulnerability Management in the Cloud and On-Premises,” is based on a global survey of 1,848 IT and IT security professionals in North […]

The post New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud appeared first on Security Intelligence.

Continue reading New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud→