Understanding the Adversary: How Ransomware Attacks Happen

IBM Security X-Force Incident Response (IR) has responded to hundreds of ransomware incidents across every geography and industry. As we have taken time to analyze these incidents, a clear pattern has emerged. Although we observe dozens of ransomware groups in operation across the globe, many with multiple affiliate groups working under them, most ransomware actors […]

The post Understanding the Adversary: How Ransomware Attacks Happen appeared first on Security Intelligence.

Continue reading Understanding the Adversary: How Ransomware Attacks Happen

BrazKing Android Malware Upgraded and Targeting Brazilian Banks

Nethanella Messer and James Kilner contributed to the technical editing of this blog. IBM Trusteer researchers continually analyze financial fraud attacks in the online realms. In recent research into mobile banking malware, we delved into the BrazKing malware’s inner workings following a sample found by MalwareHunterTeam. BrazKing is an Android banking Trojan from the overlay […]

The post BrazKing Android Malware Upgraded and Targeting Brazilian Banks appeared first on Security Intelligence.

Continue reading BrazKing Android Malware Upgraded and Targeting Brazilian Banks

Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform

In an age where organizations have established a direct dependence on software to run critical business operations, it’s fundamental that they are evaluating their software development lifecycles and that of their extended environment — third-party partners — against the same standards. Concerns around vulnerability management are gaining more government attention around the world in order […]

The post Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform appeared first on Security Intelligence.

Continue reading Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform

A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers

Ransomware. Five years ago, the cybersecurity community knew that term well, although among others it was far from dinner table conversation. Times have changed. Since early 2020, ransomware has hit a slew of headlines. People inside and outside of the security industry are talking about it, and many have experienced the ransomware pain firsthand. The […]

The post A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers appeared first on Security Intelligence.

Continue reading A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers

An Attack Against Time

When Liza Minnelli sang that famous tune, “Money makes the world go around,” she should have added one more word: time. Time makes the world go around. It’s that one agreed-upon part of life that the world shares. From laptops to phones to wall clocks to just about every other technology, time is everywhere, controlling […]

The post An Attack Against Time appeared first on Security Intelligence.

Continue reading An Attack Against Time

2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR

“How many millions did you pay threat actors in a ransomware attack?” “Which investments most significantly improved cyber resiliency for your organization?” “Do you have a cybersecurity incident response plan that’s applied consistently across your enterprise?” The answers to these and other key questions produced several notable findings in the latest 2021 Cyber Resilient Organization […]

The post 2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR appeared first on Security Intelligence.

Continue reading 2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR

Why Containers in the Cloud Can Be An Attacker’s Paradise

Containers — which are lightweight software packages that include entire runtime environments — have solved the issues of portability, compatibility and rapid, controlled deployment. Containers include an application; all its dependencies, libraries and other binaries; and configuration files needed to run them. Heralding the era of microservices, Infrastructure as Code and service-oriented architectures (SOA), containers […]

The post Why Containers in the Cloud Can Be An Attacker’s Paradise appeared first on Security Intelligence.

Continue reading Why Containers in the Cloud Can Be An Attacker’s Paradise

The Weaponization of Operational Technology

Given the accelerating rise in operational technology (OT) threats, this blog will address some of the most common threats IBM Security X-Force is observing against organizations with OT networks, including ransomware and vulnerability exploitation. IBM will also highlight several measures that can enhance security for OT networks based on insights gained from the X-Force Red […]

The post The Weaponization of Operational Technology appeared first on Security Intelligence.

Continue reading The Weaponization of Operational Technology

Nobelium Espionage Campaign Persists, Service Providers in Crosshairs

In an advisory released on October 24, Microsoft announced ongoing campaigns it has attributed to the Nobelium state-sponsored threat group. IBM X-Force tracks this group as Hive099. If the name sounds familiar, that’s because it is the same group that targeted SolarWinds in 2020. The U.S. government has identified Nobelium as part of Russia’s foreign […]

The post Nobelium Espionage Campaign Persists, Service Providers in Crosshairs appeared first on Security Intelligence.

Continue reading Nobelium Espionage Campaign Persists, Service Providers in Crosshairs

Detections That Can Help You Identify Ransomware

One of the benefits of being part of a global research-driven incident response firm like X-Force Incidence Response (IR) is that the team has the ability to take a step back and analyze incidents, identifying trends and commonalities that span geographies, industries and affiliations. Leveraging that access and knowledge against the ransomware threat has revealed […]

The post Detections That Can Help You Identify Ransomware appeared first on Security Intelligence.

Continue reading Detections That Can Help You Identify Ransomware