PixPirate: The Brazilian financial malware you can’t see

Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a […]

The post PixPirate: The Brazilian financial malware you can’t see appeared first on Security Intelligence.

Continue reading PixPirate: The Brazilian financial malware you can’t see

Web injections are back on the rise: 40+ banks affected by new malware campaign

Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript […]

The post Web injections are back on the rise: 40+ banks affected by new malware campaign appeared first on Security Intelligence.

Continue reading Web injections are back on the rise: 40+ banks affected by new malware campaign

How IBM secures the U.S. Open

More than 15 million tennis fans around the world visited the US Open app and website this year, checking scores, poring over statistics and watching highlights from hundreds of matches over the two weeks of the tournament. To help develop this world-class digital experience, IBM Consulting worked closely with the USTA, developing powerful generative AI […]

The post How IBM secures the U.S. Open appeared first on Security Intelligence.

Continue reading How IBM secures the U.S. Open

What’s new in the 2023 Cost of a Data Breach report

Data breach costs continue to grow, according to new research, reaching a record-high global average of $4.45 million, representing a 15% increase over three years. Costs in the healthcare industry continued to top the charts, as the most expensive industry for the 13th year in a row. Yet as breach costs continue to climb, the […]

The post What’s new in the 2023 Cost of a Data Breach report appeared first on Security Intelligence.

Continue reading What’s new in the 2023 Cost of a Data Breach report

When Logs Are Out, Enhanced Analytics Stay In

I was talking to an analyst firm the other day. They told me that a lot of organizations purchase a security information and event management (SIEM) solution and then “place it on the shelf.” “Why would they do that?” I asked. I spent the majority of my career in hardware — enterprise hardware, cloud hardware, […]

The post When Logs Are Out, Enhanced Analytics Stay In appeared first on Security Intelligence.

Continue reading When Logs Are Out, Enhanced Analytics Stay In

What Is Customer Identity Access Management (CIAM)?

Customer identity access management (CIAM) solutions enable companies to manage more than just customer information. CIAM makes it possible to manage data-sharing consent, self-service customer registration, account management, single sign-on and multi-factor authentication (MFA) across channels (mobile, web, apps, etc.). So, what exactly is it? And how does it work? CIAM is a method of […]

The post What Is Customer Identity Access Management (CIAM)? appeared first on Security Intelligence.

Continue reading What Is Customer Identity Access Management (CIAM)?

What Is a Botnet Attack? A Guide for Security Professionals

What is a botnet attack, and how do you stop one? A botnet (derived from ‘robot network’) is a large group of malware-infected internet-connected devices and computers controlled by a single operator. Attackers use these compromised devices to launch large-scale attacks to disrupt services, steal credentials and gain unauthorized access to critical systems. The botnet […]

The post What Is a Botnet Attack? A Guide for Security Professionals appeared first on Security Intelligence.

Continue reading What Is a Botnet Attack? A Guide for Security Professionals

10 Open-Source Intelligence Tools (That Actually Work With Your Existing Security Software)

Finding the Open Source Intelligence (OSINT) that affects your business or agency can help reduce your attack surface. You just have to find it first. Take a look at how OSINT works and how to secure it. According to the Office of the Director of National Intelligence, Open Source Intelligence (OSINT) “is publicly available information […]

The post 10 Open-Source Intelligence Tools (That Actually Work With Your Existing Security Software) appeared first on Security Intelligence.

Continue reading 10 Open-Source Intelligence Tools (That Actually Work With Your Existing Security Software)

Asset Management – Back To The Roots

Asset management is one of the core components of may successful security programs. I am an advisor to Panaseer, a startup in the continuous compliance management space. I recently co-authored a blog post on my favorite security metric that is related … Continue reading Asset Management – Back To The Roots

The Journey to Simplicity: User Experience in Security

Keeping an organization secure is no easy task, especially with the explosion in cloud adoption and digital transformation against a backdrop of increasingly dangerous threats and threat actors. We can all recite the challenges that security teams struggle with — too many solutions, not enough people, not enough visibility. With the average organization deploying 25 […]

The post The Journey to Simplicity: User Experience in Security appeared first on Security Intelligence.

Continue reading The Journey to Simplicity: User Experience in Security