Poor Communication During a Data Breach Can Cost You — Here’s How to Avoid It

No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. […]

The post Poor Communication During a Data Breach Can Cost You — Here’s How to Avoid It appeared first on Security Intelligence.

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures […]

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, and Diego Matos Martins. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. […]

Expert Insights on the X-Force Threat Intelligence Index

Top insights are in from this year’s IBM Security X-Force Threat Intelligence Index, but what do they mean? Three IBM Security X-Force experts share their thoughts on the implications of the most pressing cybersecurity threats, and offer guidance for what organizations can do to better protect themselves. Moving Left of Boom: Early Backdoor Detection Andy […]

Ex-Conti and FIN7 Actors Collaborate with New Backdoor

Former Conti syndicate and FIN7 members have collaborated to use a new backdoor dubbed “Minodo” to deliver the Project Nemesis infostealer. Explore the intricate nature of cooperation among cybercriminal groups and their members with in-depth analysis from IBM Security X-Force experts.

X-Force Identifies Vulnerability in IoT Platform

The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a […]

X-Force Prevents Zero Day from Going Anywhere

This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The X-Force Vulnerability and Exploit Database shows that the number of zero days being released each year is on the rise, but X-Force has observed that only a few of these zero days are rapidly adopted by cyber criminals each year. While […]

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption […]

When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as […]

Defining the Cobalt Strike Reflective Loader

The Challenge with Using Cobalt Strike for Advanced Red Team Exercises While next-generation AI and machine-learning components of security solutions continue to enhance behavioral-based detection capabilities, at their core many still rely on signature-based detections. Cobalt Strike being a popular red team Command and Control (C2) framework used by both threat actors and red teams […]
