Intelligence & Analytics – Page 2

What’s new in the 2023 Cost of a Data Breach report

Posted on July 24, 2023 by John Zorabedian

Data breach costs continue to grow, according to new research, reaching a record-high global average of $4.45 million, representing a 15% increase over three years. Costs in the healthcare industry continued to top the charts, as the most expensive industry for the 13th year in a row. Yet as breach costs continue to climb, the […]

The post What’s new in the 2023 Cost of a Data Breach report appeared first on Security Intelligence.

Continue reading What’s new in the 2023 Cost of a Data Breach report→

BlotchyQuasar: X-Force Hive0129 targeting financial intuitions in LATAM with a custom banking trojan

Posted on July 14, 2023 by Melissa Frydrych

In late April through May 2023, IBM Security X-Force found several phishing emails leading to packed executable files delivering malware we have named BlotchyQuasar, likely developed by a group X-Force tracks as Hive0129. BlotchyQuasar is hardcoded to collect credentials from multiple Latin American-based banking applications and websites used within public and private environments. Similar operations […]

The post BlotchyQuasar: X-Force Hive0129 targeting financial intuitions in LATAM with a custom banking trojan appeared first on Security Intelligence.

Continue reading BlotchyQuasar: X-Force Hive0129 targeting financial intuitions in LATAM with a custom banking trojan→

Your BOFs Are gross, Put on a Mask: How to Hide Beacon During BOF Execution

Posted on June 28, 2023 by Joshua Magri

In this post, we’ll review a simple technique that we’ve developed to encrypt Cobalt Strike’s Beacon in memory while executing BOFs to prevent a memory scan from detecting Beacon. Picture this — you’re on a red team engagement and your phish went through, your initial access payload got past EDR, your beacon is now living […]

The post Your BOFs Are gross, Put on a Mask: How to Hide Beacon During BOF Execution appeared first on Security Intelligence.

Continue reading Your BOFs Are gross, Put on a Mask: How to Hide Beacon During BOF Execution→

How Do Some Companies Get Compromised Again and Again?

Posted on June 16, 2023 by Mike Elgan

Hack me once, shame on thee. Hack me twice, shame on me. The popular email marketing company, MailChimp, suffered a data breach last year after cyberattackers exploited an internal company tool to gain access to customer accounts. The criminals were able to look at around 300 accounts and exfiltrate data on 102 customers. They also […]

The post How Do Some Companies Get Compromised Again and Again? appeared first on Security Intelligence.

Continue reading How Do Some Companies Get Compromised Again and Again?→

Going Up! How to Handle Rising Cybersecurity Costs

Posted on June 15, 2023 by Doug Bonderud

The average cost of cybersecurity systems, solutions and staff is increasing. As noted by research firm Gartner, companies will spend 11% more in 2023 than they did in 2022 to effectively handle security and risk management. This puts companies in a challenging position: If spending stays the same, IT environments are at risk. If they […]

The post Going Up! How to Handle Rising Cybersecurity Costs appeared first on Security Intelligence.

Continue reading Going Up! How to Handle Rising Cybersecurity Costs→

ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK)

Posted on June 6, 2023 by Joshua Chung

In late April 2023, IBM Security X-Force uncovered documents that are most likely part of a phishing campaign mimicking credible senders, orchestrated by a group X-Force refers to as ITG10, and aimed at delivering RokRAT malware, similar to what has been observed by others. ITG10’s tactics, techniques and procedures (TTPs) overlap with APT37 and ScarCruft. […]

The post ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK) appeared first on Security Intelligence.

Continue reading ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK)→

SOCs Spend 32% of the Day On Incidents That Pose No Threat

Posted on June 6, 2023 by Josh Nadeau

When it comes to the first line of defense for any company, its Security Operations Center (SOC) is an essential component. A SOC is a dedicated team of professionals who monitor networks and systems for potential threats, provide analysis of detected issues and take the necessary actions to remediate any risks they uncover. Unfortunately, SOC […]

The post SOCs Spend 32% of the Day On Incidents That Pose No Threat appeared first on Security Intelligence.

Continue reading SOCs Spend 32% of the Day On Incidents That Pose No Threat→

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

Posted on May 30, 2023 by IBM Security X-Force Team

This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, and Diego Matos Martins. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. […]

The post BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration appeared first on Security Intelligence.

Continue reading BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration→

Despite Tech Layoffs, Cybersecurity Positions are Hiring

Posted on May 26, 2023 by Jennifer Gregory

It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals […]

The post Despite Tech Layoffs, Cybersecurity Positions are Hiring appeared first on Security Intelligence.

Continue reading Despite Tech Layoffs, Cybersecurity Positions are Hiring→