Thursday, May 19, 2022
IBM Security

Malicious Reconnaissance: What It Is and How To Stop It

You spend your days getting ready to stop threat actors. But even as you wonder, attackers could already be ‘casing the joint’.  Before any well-organized attack, skillful or professional attackers quietly snoop around, looking for chances to gain access. It’s...
IBM Security

ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups

IBM Security X-Force researchers have continually analyzed the use of several crypters developed by the cybercriminal group ITG23, also known as Wizard Spider, DEV-0193, or simply the “Trickbot Group”. The results of this research, along with evidence gained from...
IBM Security

How Dangerous Is the Cyber Attack Risk to Transportation?

If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and subway routes. The results could be terrible.  Between June of...
IBM Security

Avoiding the Unintended Consequences of Strict Cybersecurity Policies

Does the left hand know what the right hand is doing? Or does even the left pinky know what the left ring finger is doing? Problems can easily arise when policies, including cybersecurity ones, end up being out of...
IBM Security

62% of Surveyed Organizations Hit By Supply Chain Attacks in 2021

You’ve heard more about the supply chain in the past two years than you ever expected, or likely wanted. But, as a cybersecurity professional, you now have even more reason to pay attention besides not being able to get...
IBM Security

MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?

The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or as MITRE refers to them Tactics and Techniques, employed by threat actors. It offers...
IBM Security

What Do Financial Institutions Need to Know About the SEC’s Proposed Cybersecurity Rules?

On March 9, the U.S. Securities and Exchange Commission (SEC) announced a new set of proposed rules for cybersecurity risk management, strategy and incident disclosure for public companies. One intent of the rule changes is to provide “consistent, comparable...
IBM Security

New DOJ Team Focuses on Ransomware and Cryptocurrency Crime

While no security officer would rely on this alone, it’s good to know the U.S. Department of Justice is increasing efforts to fight cyber crime. According to a recent address in Munich by Deputy Attorney General Lisa Monaco, new...
IBM Security

The Growing Danger of Data Exfiltration by Third-Party Web Scripts

The theft of personal or sensitive data is one of the biggest threats to online business. This danger, data exfiltration or data extrusion, comes from a wide variety of attack vectors. These include physical theft of devices, insider attacks...
IBM Security

Modern Identity and Access Management Makes a Difference, Especially at a Mega-Scale

As businesses embrace more remote users and a hybrid work model, managing user identity and access is more important than ever. Add authentication for millions of third parties and non-employees, and thousands of applications and IoT devices to the...
IBM Security

X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021

From 2020 to 2021, there was a 33% increase in the number of reported incidents caused by vulnerability exploitation, according to the 2022 X-Force Threat Intelligence Index. A large percentage of these exploited vulnerabilities were newly discovered; in fact,...
IBM Security

One Small Error by DevOps, One Giant Opening for Attackers

When you look at breach statistics in today’s cloud-dominated IT world, you can see several examples where a small error made by the DevOps or CloudOps team has led to a tremendous impact on businesses’ reputations or, in some...
IBM Security

SEC Proposes New Cybersecurity Rules for Financial Services

Proposed new policies from the Securities and Exchange Commission (SEC) could spell changes for how financial services firms handle cybersecurity. On Feb. 9, the SEC voted to propose cybersecurity risk management policies for registered investment advisers, registered investment companies...
IBM Security

Technologies Useful In the Pandemic Are Challenging Privacy Now

Your company likely made many quick decisions back in March 2020. As an IT leader, you provided the tools employees needed to stay productive while working remotely. It had to happen now or sooner. Your team made it possible for...
IBM Security

What Are the Biggest Phishing Trends Today?

According to the 2022 X-Force Threat Intelligence Index, phishing was the most common way that cyber criminals got inside an organization. Typically, they do so to launch a much larger attack such as ransomware. The Index also found that...
SecurityWeek

Phishers Add Chatbot to the Phishing Lure

Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. We have all become accustomed to the chatbots used by many of the largest service providers –...
SecurityWeek

QuSecure Lauches Quantum-Resilient Encryption Platform

New firm launches to provide the Easy Button for implementing quantum secure encryption The pressure to implement quantum secure encryption is increasing. This isn’t because functioning quantum computers able to crack asymmetric encryption are expected tomorrow, but because of the...
The Register

Iran, China-linked gangs join Putin’s disinformation war online

They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives...

6 Scary Tactics Used in Mobile App Attacks

Mobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene.