Digital Shadows Weaken Your Attack Surface

Every tweet, text, bank transaction, Google search and DoorDash order is part of your digital shadow. We all have one, and the contents of your shadow aren’t always private. For example, in April 2021 attackers leaked data containing the personal information of over 533 million Facebook users from 106 countries. Sure, you might want your tweet […]

The post Digital Shadows Weaken Your Attack Surface appeared first on Security Intelligence.


Countdown to Ransomware: Analysis of Ransomware Attack Timelines

This research was made possible through the data collection efforts of Maleesha Perera, Joffrin Alexander, and Alana Quinones Garcia. Key Highlights: The average duration of an enterprise ransomware attack reduced 94.34% between 2019 and 2021: 2019: 2+ months — The TrickBot (initial access) to Ryuk (deployment) attack path resulted in a 90% increase in ransomware […]

The post Countdown to Ransomware: Analysis of Ransomware Attack Timelines appeared first on Security Intelligence.


Black Basta Besting Your Network?

This post was written with contributions from Chris Caridi and Kat Weinberger. IBM Security X-Force has been tracking the activity of Black Basta, a new ransomware group that first appeared in April 2022. To date, this group has claimed attribution of 29 different victims across multiple industries using a double extortion strategy where the attackers […]

The post Black Basta Besting Your Network? appeared first on Security Intelligence.


Splunk SPL Queries for Detecting gMSA Attacks

1 Introduction: What is a group Managed Service Account (gMSA)? If your job is to break into networks, a gMSA can be a prime target for a path to escalate privileges, perform credential access, move laterally or even persist in a domain via a ‘golden’ opportunity. If you’re an enterprise defender, it’s something you need…

The post Splunk SPL Queries for Detecting gMSA Attacks appeared first on TrustedSec.


How Dangerous Is the Cyber Attack Risk to Transportation?

If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and subway routes. The results could be terrible. Between June of 2020 and June of 2021, the transportation industry witnessed a 186% increase in weekly ransomware […]

The post How Dangerous Is the Cyber Attack Risk to Transportation? appeared first on Security Intelligence.


MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?

The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or, as MITRE refers to them, Tactics and Techniques, employed by threat actors. It offers annotated and curated details about those methods, and it provides the capability to visualize this data […]

The post MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be? appeared first on Security Intelligence.


The Growing Danger of Data Exfiltration by Third-Party Web Scripts

The theft of personal or sensitive data is one of the biggest threats to online business. This danger, data exfiltration or data extrusion, comes from a wide variety of attack vectors. These include physical theft of devices, insider attacks within a corporate network and phishing, malware or third-party scripts. The risk for regular website users […]

The post The Growing Danger of Data Exfiltration by Third-Party Web Scripts appeared first on Security Intelligence.


What Are the Biggest Phishing Trends Today?

According to the 2022 X-Force Threat Intelligence Index, phishing was the most common way that cyber criminals got inside an organization. Typically, they do so to launch a much larger attack such as ransomware. The Index also found that phishing was used in 41% of the attacks that X-Force remediated in 2021. That’s a 33% […]

The post What Are the Biggest Phishing Trends Today? appeared first on Security Intelligence.


Building the CASE for the Vehicle Security Operations Center

This post was written with contributions from IBM Security’s Rob Dyson, Preston Futrell and Brett Drummond. Let’s explore a day in the life of a vehicle security operations center (VSOC). An autonomous vehicle is transporting passengers to their destination. Inside the vehicle, they are patiently waiting to arrive at their destination and, in the meantime, […]

The post Building the CASE for the Vehicle Security Operations Center appeared first on Security Intelligence.


The evolving role of the lawyer in cybersecurity

Cybersecurity is one of the most dynamic fields of law. Long gone are the days when organizations could rely entirely on defensive measures within their own environments for protection: effective threat intelligence and threat hunting programs can take…