Multifactor Authentication (MFA)

Self-replicating Morris II worm targets AI email assistants

Posted on June 12, 2024 by Shaik Zakeer

The proliferation of generative artificial intelligence (GenAI) email assistants such as OpenAI’s GPT-3 and Google’s Smart Compose has revolutionized communication workflows. Unfortunately, it has also introduced novel attack vectors for cyber criminals. Leveraging recent advancements in AI and natural language processing, malicious actors can exploit vulnerabilities in GenAI systems to orchestrate sophisticated cyberattacks with far-reaching […]

The post Self-replicating Morris II worm targets AI email assistants appeared first on Security Intelligence.

Continue reading Self-replicating Morris II worm targets AI email assistants→

Attacker exploits vulnerability in Active Directory Certificate Services to take control of domain

Posted on July 18, 2023 by John Dwyer

This post was made possible through the contributions of Joseph Spero and Thanassis Diogos. In June 2023, IBM Security X-Force responded to an incident where a client had received alerts from their security tooling regarding potential malicious activity originating from a system within their network targeting a domain controller. X-Force analysis revealed that an attacker […]

The post Attacker exploits vulnerability in Active Directory Certificate Services to take control of domain appeared first on Security Intelligence.

Continue reading Attacker exploits vulnerability in Active Directory Certificate Services to take control of domain→

Six Ways to Secure Your Organization on a Smaller Budget

Posted on March 23, 2023 by Jennifer Gregory

My LinkedIn feed has been filled with connections announcing they have been laid off and are looking for work. While it seems that no industry has been spared from uncertainty, my feed suggests tech has been hit the hardest. Headlines confirm my anecdotal experience. Many companies must now protect their systems from more sophisticated threats […]

The post Six Ways to Secure Your Organization on a Smaller Budget appeared first on Security Intelligence.

Continue reading Six Ways to Secure Your Organization on a Smaller Budget→

Breaking Down a Cyberattack, One Kill Chain Step at a Time

Posted on March 14, 2023 by Mark Stone

In today’s wildly unpredictable threat landscape, the modern enterprise should be familiar with the cyber kill chain concept. A cyber kill chain describes the various stages of a cyberattack pertaining to network security. Lockheed Martin developed the cyber kill chain framework to help organizations identify and prevent cyber intrusions. The steps in a kill chain […]

The post Breaking Down a Cyberattack, One Kill Chain Step at a Time appeared first on Security Intelligence.

Continue reading Breaking Down a Cyberattack, One Kill Chain Step at a Time→

How Breached Companies Become the Face of Change

Posted on February 27, 2023 by Jennifer Gregory

I’ve always told my kids that everyone makes mistakes. What really matters is how you handle them and that you learn from what happened. SolarWinds followed the same thinking in how it handled its 2020 breach. Not only did the company write its comeback story to help improve its reputation, but it is also working […]

The post How Breached Companies Become the Face of Change appeared first on Security Intelligence.

Continue reading How Breached Companies Become the Face of Change→

Avoid Being a Downstream Victim of Service Provider Attacks

Posted on February 13, 2023 by Jennifer Gregory

Attacks on service providers are mounting — and so are downstream victims. Earlier this year, some customers of the cloud service provider DigitalOcean received emails instructing them to reset their passwords. These users hadn’t actually forgotten their passwords — their email addresses had been compromised in a data breach. But the cybersecurity incident didn’t start […]

The post Avoid Being a Downstream Victim of Service Provider Attacks appeared first on Security Intelligence.

Continue reading Avoid Being a Downstream Victim of Service Provider Attacks→

An IBM Hacker Breaks Down High-Profile Attacks

Posted on January 24, 2023 by Mark Stone

On September 19, 2022, an 18-year-old cyberattacker known as “teapotuberhacker” (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then posted those videos on the fan website GTAForums.com. Gamers got an unsanctioned sneak peek of […]

The post An IBM Hacker Breaks Down High-Profile Attacks appeared first on Security Intelligence.

Continue reading An IBM Hacker Breaks Down High-Profile Attacks→

4 Most Common Cyberattack Patterns from 2022

Posted on December 20, 2022 by Mark Stone

As 2022 comes to an end, cybersecurity teams globally are taking the opportunity to reflect on the past 12 months and draw whatever conclusions and insights they can about the threat landscape. It has been a challenging year for security teams. A major conflict in Europe, a persistently remote workforce and a series of large-scale […]

The post 4 Most Common Cyberattack Patterns from 2022 appeared first on Security Intelligence.

Continue reading 4 Most Common Cyberattack Patterns from 2022→

The Cybersecurity Takeaway from Twitter’s Verification Chaos

Posted on December 16, 2022 by Mike Elgan

Twitter has been verifiably bonkers since electric car and rocket mogul Elon Musk took over and reworked the social network’s long-standing verification system. This provides a valuable lesson about the link between verification or authentication and between security and usability. It all started in early October when Musk closed the Twitter deal and claimed that […]

The post The Cybersecurity Takeaway from Twitter’s Verification Chaos appeared first on Security Intelligence.

Continue reading The Cybersecurity Takeaway from Twitter’s Verification Chaos→

How to Keep Your Secrets Safe: A Password Primer

Posted on October 20, 2022 by Dustin Heywood

There are two kinds of companies in the world: those that have been breached by unethical hackers, and those that have been breached and don’t know it yet. Hackers are relentless. Today’s cyberattacks have evolved into high-level espionage perpetrated by robust criminal organizations or nation-states. In the era of software as a service (SaaS), enterprise […]

The post How to Keep Your Secrets Safe: A Password Primer appeared first on Security Intelligence.

Continue reading How to Keep Your Secrets Safe: A Password Primer→