threat hunting – Page 10 – WindowsTechs.com

TrickBot Bolsters Layered Defenses to Prevent Injection Research

Posted on January 24, 2022 by Michael Gal

This post was written with contributions from IBM X-Force’s Limor Kessem and Charlotte Hammond. The cyber crime gang that operates the TrickBot Trojan, as well as other malware and ransomware attacks, has been escalating activity. As part of that escalation, malware injections have been fitted with added protection to keep researchers out and get through […]

The post TrickBot Bolsters Layered Defenses to Prevent Injection Research appeared first on Security Intelligence.

Continue reading TrickBot Bolsters Layered Defenses to Prevent Injection Research→

Insider Threats: How to Combat Workplace Disinformation

Posted on January 19, 2022 by Jonathan Reed

Who hasn’t heard about disinformation or fake news? And for those responsible for security, who hasn’t heard about the risk of insider threats? Both issues are well known, but how disinformation can affect cyber risk management might not be so obvious. This article won’t tell you who’s right or wrong in a political debate. Instead, […]

The post Insider Threats: How to Combat Workplace Disinformation appeared first on Security Intelligence.

Continue reading Insider Threats: How to Combat Workplace Disinformation→

What It Takes to Build the Blue Team of Tomorrow

Posted on January 17, 2022 by David Bisson

A good defense takes some testing. Ethical hacking involves pitting two teams together for the sake of strengthening digital security defenses. The red team attempts to bypass digital security barriers. By doing so, they reveal both misconceptions and flaws in their employer’s attack detection. Then, the blue team tries to defend against the red team’s […]

The post What It Takes to Build the Blue Team of Tomorrow appeared first on Security Intelligence.

Continue reading What It Takes to Build the Blue Team of Tomorrow→

The Best Threat Hunters Are Human

Posted on January 13, 2022 by Abby Ross

“You won’t know you have a problem unless you go and look.” Neil Wyler, who is known as ‘Grifter’ in the hacker community, made that statement as a precursor to an unforgettable story. An organization hired Grifter to perform active threat hunting. In a nutshell, active threat hunting entails looking for an attacker inside an […]

The post The Best Threat Hunters Are Human appeared first on Security Intelligence.

Continue reading The Best Threat Hunters Are Human→

5 Things New with Bug Bounty Programs

Posted on January 7, 2022 by David Bisson

On September 29, HackerOne announced the latest version of its Internet Bug Bounty (IBB) program. This initiative helped to coordinate the discovery of more than 1,000 security weaknesses in open-source software between 2013 and 2021. HackerOne’s latest version aims to expand the reach of the program even further by pooling defenses from existing bug bounties, […]

The post 5 Things New with Bug Bounty Programs appeared first on Security Intelligence.

Continue reading 5 Things New with Bug Bounty Programs→

An ‘Attack Path’ Mapping Approach to CVEs 2021-42287 and 2021-42278

Posted on January 6, 2022 by Amanda Mates

1.0 Introduction On Friday, December 10, 2021, Charlie Clark (@exploitph) published a blog post detailing the weaponization of CVEs 2021-42287 and 2021-42278. In the blog post, Charlie extensively covered the background of the vulnerabilities, how the vulnerabilities were weaponized into Rubeus, with help from Ceri Coburn (@_EthicalChaos_), the full ‘attack chain,’ mitigations, and some detections….

The post An ‘Attack Path’ Mapping Approach to CVEs 2021-42287 and 2021-42278 appeared first on TrustedSec.

Continue reading An ‘Attack Path’ Mapping Approach to CVEs 2021-42287 and 2021-42278→

Cyber Awareness 2022: Consider Deepfakes, NFTs and More

Posted on January 6, 2022 by Jonathan Reed

From deepfakes to crypto crime to in-flight drone-based data theft, cyber awareness in 2022 will look a bit different. Good cyber awareness means knowing these risks, even if some of them sound stranger than science fiction. Cyber Awareness and Deepfake Crime What if you got a phone call from a trusted friend or colleague to […]

The post Cyber Awareness 2022: Consider Deepfakes, NFTs and More appeared first on Security Intelligence.

Continue reading Cyber Awareness 2022: Consider Deepfakes, NFTs and More→

Intelligent Adversary Engagement: Deceiving the Attacker

Posted on December 30, 2021 by Stefan Grimminck

Traditional security isn’t always enough to keep attackers at bay. When it comes to sneaking into networks, detection will often only come after malicious traffic reaches systems such as next-generation firewalls and intrusion detection and prevention systems. Meanwhile, threat actors have free range. But if you can trick the attacker attempting to trick you, it’s […]

The post Intelligent Adversary Engagement: Deceiving the Attacker appeared first on Security Intelligence.

Continue reading Intelligent Adversary Engagement: Deceiving the Attacker→

Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them

Posted on December 18, 2021 by Dereck Stubbs

You’d have to look far and wide to find an IT professional who isn’t aware of (and probably responding to) the Log4Shell vulnerability. The Operational Technology (OT) sector is no exception, yet the exact exposure the vulnerability poses to OT technology is yet to be fully uncovered. The vulnerability was first made public earlier this […]

The post Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them appeared first on Security Intelligence.

Continue reading Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them→

Nation State Threat Group Targets Airline with Aclip Backdoor

Posted on December 15, 2021 by Melissa Frydrych

In March 2021, IBM Security X-Force observed an attack on an Asian airline that we assess was likely compromised by a state-sponsored adversary using a new backdoor that utilizes Slack. The adversary leveraged free workspaces on Slack, a legitimate messaging and collaboration application likely to obfuscate operational communications, allowing malicious traffic, or traffic with underlying […]

The post Nation State Threat Group Targets Airline with Aclip Backdoor appeared first on Security Intelligence.

Continue reading Nation State Threat Group Targets Airline with Aclip Backdoor→