Collaborate Disseminate
“You won’t know you have a problem unless you go and look.” Neil Wyler, who is known as ‘Grifter’ in the hacker community, made that statement as a precursor to an unforgettable story. An organization hired Grifter to perform active threat hunting. In a nutshell, active threat hunting entails looking for an attacker inside an […]
The post The Best Threat Hunters Are Human appeared first on Security Intelligence.
On September 29, HackerOne announced the latest version of its Internet Bug Bounty (IBB) program. This initiative helped to coordinate the discovery of more than 1,000 security weaknesses in open-source software between 2013 and 2021. HackerOne’s latest version aims to expand the reach of the program even further by pooling defenses from existing bug bounties, […]
The post 5 Things New with Bug Bounty Programs appeared first on Security Intelligence.
1.0 Introduction On Friday, December 10, 2021, Charlie Clark (@exploitph) published a blog post detailing the weaponization of CVEs 2021-42287 and 2021-42278. In the blog post, Charlie extensively covered the background of the vulnerabilities, how the vulnerabilities were weaponized into Rubeus, with help from Ceri Coburn (@_EthicalChaos_), the full ‘attack chain,’ mitigations, and some detections….
The post An ‘Attack Path’ Mapping Approach to CVEs 2021-42287 and 2021-42278 appeared first on TrustedSec.
Continue reading An ‘Attack Path’ Mapping Approach to CVEs 2021-42287 and 2021-42278
From deepfakes to crypto crime to in-flight drone-based data theft, cyber awareness in 2022 will look a bit different. Good cyber awareness means knowing these risks, even if some of them sound stranger than science fiction. Cyber Awareness and Deepfake Crime What if you got a phone call from a trusted friend or colleague to […]
The post Cyber Awareness 2022: Consider Deepfakes, NFTs and More appeared first on Security Intelligence.
Continue reading Cyber Awareness 2022: Consider Deepfakes, NFTs and More
Traditional security isn’t always enough to keep attackers at bay. When it comes to sneaking into networks, detection will often only come after malicious traffic reaches systems such as next-generation firewalls and intrusion detection and prevention systems. Meanwhile, threat actors have free range. But if you can trick the attacker attempting to trick you, it’s […]
The post Intelligent Adversary Engagement: Deceiving the Attacker appeared first on Security Intelligence.
Continue reading Intelligent Adversary Engagement: Deceiving the Attacker
You’d have to look far and wide to find an IT professional who isn’t aware of (and probably responding to) the Log4Shell vulnerability. The Operational Technology (OT) sector is no exception, yet the exact exposure the vulnerability poses to OT technology is yet to be fully uncovered. The vulnerability was first made public earlier this […]
The post Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them appeared first on Security Intelligence.
In March 2021, IBM Security X-Force observed an attack on an Asian airline that we assess was likely compromised by a state-sponsored adversary using a new backdoor that utilizes Slack. The adversary leveraged free workspaces on Slack, a legitimate messaging and collaboration application likely to obfuscate operational communications, allowing malicious traffic, or traffic with underlying […]
The post Nation State Threat Group Targets Airline with Aclip Backdoor appeared first on Security Intelligence.
Continue reading Nation State Threat Group Targets Airline with Aclip Backdoor
On December 09, 2021, a severe vulnerability for Apache Log4j was released (CVE-2021-44228). This vulnerability, also known as Log4Shell, allows remote code execution in many applications through web requests and without authentication. Almost immediately, many attackers on the Internet began to scan and exploit this vulnerability. This is meant to provide guidelines and recommendations on…
The post Log4j Detection and Response Playbook appeared first on TrustedSec.
From the CISO to the SOC operator, defenders struggle to maintain complete situational awareness. Holistic approaches to risk management require the implementation of a manageable number of policies and procedures but are tied to an often unmanageable … Continue reading Extracting value from the interconnected network of risk management
Today’s reality means that organizations need to be constantly vigilant against security breaches. Having a robust incident response plan in place is vital. IBM Security X-Force is a team dedicated to delivering the latest threat intelligence, research and analysis reports that help you manage risk in your organization. This monthly malware roundup offers a summary […]
The post X-Force Threat Intelligence: Monthly Malware Roundup appeared first on Security Intelligence.
Continue reading X-Force Threat Intelligence: Monthly Malware Roundup