Analysis of Diavol Ransomware Reveals Possible Link to TrickBot Gang

Ransomware has become the number one cyber threat to organizations, making up nearly 25% of attacks IBM X-Force Incident Response remediated in 2020. Ransomware is making headlines on a regular basis due to the high impact of certain attacks on victims in critical industries. It’s unlikely that the pace of attacks will slow down in […]

The post Analysis of Diavol Ransomware Reveals Possible Link to TrickBot Gang appeared first on Security Intelligence.

A New Directive for Pipeline Operators Puts Cybersecurity in the Spotlight

It’s no secret that cyberattacks against critical infrastructure are increasing. The recent attacks against water treatment plants, pipelines, vital hospital systems and food processing facilities have all made headlines and demonstrate the vulnerability of all types of critical infrastructure providers. The attacks have caused chaos, value chain disruption and crippling fuel shortages, and we […]

ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group

This blog supplements a Black Hat USA 2021 talk given in August 2021. IBM Security X-Force threat intelligence researchers continue to track the infrastructure and activity of a suspected Iranian threat group, ITG18. This group’s tactics, techniques and procedures (TTPs) overlap with groups known as Charming Kitten, Phosphorus and TA453. Since our initial report on the group’s training […]

Data Breach Costs at Record High, Zero Trust, AI and Automation Help Reduce Costs

Data breaches have been growing in number and scale, taking longer to detect and contain. The average total cost of a data breach is at its highest in 17 years, at $4.24 million. The year-over-year increase of 10% is the largest single-year cost increase recorded in the last 7 years. IBM and […]

What’s New in the 2021 Cost of a Data Breach Report

Has cybersecurity ever been more important than it is right now? Even in these extraordinary times, with its focus on manufacturing vaccines and getting shots into arms, new research in the Cost of a Data Breach Report shows that the increasing cost of security breaches makes preventing and responding to these threats a critical concern. […]

This Chat is Being Recorded: Egregor Ransomware Negotiations Uncovered

Ransomware attacks are topping the charts as the most common attack type to target organizations with a constant drumbeat of attacks impacting industries across the board. In fact, IBM Security X-Force has seen a more than 10% increase in ransomware incident response requests compared to this time last year. Ransomware is well on its way […]

Avoid Blind Spots: Is Your Incident Response Team Cloud Ready?

The year 2020 — with all its tumult — ushered in a massive shift in the way most companies work. Much of that transformation included migrating to cloud, with some statisticians reporting that a full 50% of companies across the globe are now using cloud technology. In many ways, that’s good — cloud holds several […]

Vulnerability Management: How a Risk-Based Approach Can Increase Efficiency and Effectiveness

Security professionals keep busy. Before you can patch a vulnerability, you need to decide how important it is. How does it compare to the other problems that day? Choosing which jobs to do first using vulnerability management tools can be a key element of a smart security strategy. Software vulnerabilities are one of the root […]

RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation

In a recent collaboration to investigate a rise in malware infections featuring a commercial remote access trojan (RAT), IBM Security X-Force and Cipher Tech Solutions (CT), a defense and intelligence security firm, investigated malicious activity that spiked in the first quarter of 2021. With over 1,300 malware samples collected, the teams analyzed the delivery of […]

Don’t Be Rude, Stay: Avoiding Fork&Run .NET Execution With InlineExecute-Assembly

Some of you love it and some of you hate it, but at this point it should come as no surprise that .NET tradecraft is here to stay a little longer than anticipated. The .NET framework is an integral part of Microsoft’s operating system, with the most recent release of .NET being .NET Core. Core […]
