Category: Security Intelligence

This article has been indexed from Security Intelligence According to a recent Forrester Consulting research report commissioned by IBM, 78% of security decision-makers plan to implement or are unsure how to implement Secure Access Service Edge (SASE) in the next…

Read more →

This article has been indexed from Security Intelligence Security continues to be one of the top concerns for 90 percent of our clients adopting cloud. It’s further intensified with 75 percent of the clients embracing a multicloud deployment model. Cloud…

Read more →

This article has been indexed from Security Intelligence Everyone makes mistakes once in a while. Maybe not all the time, but who hasn’t reused a password or ignored a software update? But any time someone ignores security best practices adds…

Read more →

This article has been indexed from Security Intelligence Server-side templates provide an easy method of managing the dynamic generation of HTML code. But they can also fall victim to server-side template injection (SSTI). Take a look at the basics of…

Read more →

This article has been indexed from Security Intelligence With 5G reshaping the smartphone market, 5G security needs to keep up. Almost one in three smartphones sold in the first quarter of 2021 can connect to a 5G network. That’s just…

Read more →

This article has been indexed from Security Intelligence For reasons we all know, software supply chain attacks took on new meaning near the end of 2020. This hasn’t changed over this year. One of the best modern ways to combat…

Read more →

This article has been indexed from Security Intelligence Data breaches like ransomware can be catastrophic for some businesses. Not only do affected organizations lose revenue from the downtime that occurs during the incident, the post-breach costs can be significant. These…

Read more →

This article has been indexed from Security Intelligence How can you tell when software is behaving strangely if you don’t know what the right behavior is? That’s an important question when it comes to threat actors. After all, attackers often…

Read more →

This article has been indexed from Security Intelligence As the mom of a recent high school graduate, I silently cringe when a well-meaning person asks where he is heading to college. I’d prefer they asked a more open-ended question about…

Read more →

This article has been indexed from Security Intelligence While we’re seeing the effects of larger, more expensive cyberattacks, those effects also ripple out into government policy. The growth of cloud security needs and products reflects the wider world in two…

Read more →

This article has been indexed from Security Intelligence The world of cyber insurance is in a state of flux. The reason: ransomware creates huge financial impacts. And how it will change insurance in the future is unclear. The insurance industry…

Read more →

This article has been indexed from Security Intelligence You may not realize it yet, but we’re living through the latest zeitgeist. It’s the Great Resignation. You may have heard it being tossed around the media or witnessed it firsthand, or…

Read more →

This article has been indexed from Security Intelligence Amateur threat actors have been able to compromise critical infrastructure like industrial control systems (ICS) and other operational technology (OT) assets more often lately. Compromises of exposed OT assets rose over the…

Read more →

This article has been indexed from Security Intelligence Recently, X-Force Red released a tool called Windows Feature Hunter, which identifies targets for dynamic link library (DLL) side-loading on a Windows system using Frida. To provide a defensive counter-measure perspective for…

Read more →

This article has been indexed from Security Intelligence I have data breach fatigue. Every day, my inbox is flooded with dozens of emails about the newest data breaches and what causes them. Five years ago, I took note of every company…

Read more →

This article has been indexed from Security Intelligence In light of recent news-making breaches, we can see there really is no industry immune from data breaches. While I do not want to be doom-and-gloom, manufacturing, consulting, entertainment, retail, consumer goods,…

Read more →

This article has been indexed from Security Intelligence Ransomware has become the number one cyber threat to organizations, making up nearly 25% of attacks IBM X-Force Incident Response remediated in 2020. Ransomware is making headlines on a regular basis due…

Read more →

This article has been indexed from Security Intelligence If you’re anything like me, you used delivery more during the pandemic than before. Both getting food brought to my door and meal kit boxes mean people don’t have to mask up…

Read more →

This article has been indexed from Security Intelligence Cutting corners happens, more so in high-stakes, high-speed jobs. But from employees honest enough to admit when they push vulnerable code live, we can put together a portfolio of products shipped broken.…

Read more →

This article has been indexed from Security Intelligence There’s a lot to think about when you or your employees get new mobile phones — plans, hardware, cost. But one thing many people don’t think about is number recycling, a common…

Read more →

This article has been indexed from Security Intelligence Data encryption can help prevent malicious users and rogue processes from taking control of sensitive data. According to the 2021 Cost of a Data Breach report, the use of encryption is a top factor…

Read more →

This article has been indexed from Security Intelligence Cybercriminals are making headlines using ransomware to block organizations from accessing their own critical business data to extort ransoms. In 2021, ransomware has become a pervasive, newsworthy topic that competes as a…

Read more →

This article has been indexed from Security Intelligence On May 14, the FBI marked a sobering milestone: the receipt of its six millionth digital crime complaint. It took just 14 months for the FBI’s Internet Crime Complaint Center (IC3) to…

Read more →

This article has been indexed from Security Intelligence I’ve read what seems like a million articles on how to make security awareness training more effective for remote workers. And honestly, they all seem to say the same thing. Teach employees…

Read more →

This article has been indexed from Security Intelligence It’s no secret that cyberattacks against critical infrastructure are increasing. The recent attacks against water treatment plants, pipelines, vital hospital systems and food processing facilities have all made recent headlines and demonstrate…

Read more →

This article has been indexed from Security Intelligence When did you last change your work password? Was it when the system prompted you? When you were first hired? Or maybe the answer doesn’t matter. When it comes to password safety,…

Read more →

This article has been indexed from Security Intelligence Spending on cybersecurity is hitting record highs. And that makes sense. Because of big changes in how work gets done (plus the rising cost of breaches and attacks, like ransomware), companies are…

Read more →

This article has been indexed from Security Intelligence This blog supplements a Black Hat USA 2021 talk given August 2021.  IBM Security X-Force threat intelligence researchers continue to track the infrastructure and activity of a suspected Iranian threat group ITG18.…

Read more →

This article has been indexed from Security Intelligence You make password decisions every week. Maybe you create a new account, reset a password or respond to a password change prompt. And each time you make a seemingly small or insignificant…

Read more →

This article has been indexed from Security Intelligence With the global average cost of a data breach totaling $3.86 million in 2020, the topic of security continues to be a major pressure point and a board-level agenda item. So why…

Read more →

This article has been indexed from Security Intelligence Getting and staying ahead of threat actors means knowing the cybersecurity landscape. Today, that still often means ransomware and changing the ways and places we work. July’s top stories include a supply…

Read more →

This article has been indexed from Security Intelligence Data breaches have been growing in numbers and scale, taking longer to detect and contain. The average total cost of a data breach is at its highest of 17 years, at $4.24…

Read more →

This article has been indexed from Security Intelligence Has cybersecurity ever been more important than it is right now? Even in these extraordinary times, with its focus on manufacturing vaccines and getting shots into arms, new research in the Cost…

Read more →

This article has been indexed from Security Intelligence Ever hear of double extortion? It’s a technique increasingly employed by ransomware attackers. A malware payload steals a victim’s plaintext information before launching its encryption routine. Those operating the ransomware then go…

Read more →

This article has been indexed from Security Intelligence I’ve often wondered whether artificial intelligence (AI) in cybersecurity is a good thing or a bad thing for data security. Yes, I love the convenience of online stores suggesting the perfect items…

Read more →

This article has been indexed from Security Intelligence Just about every app uses an application programming interface (API). From a security standpoint, though, APIs also come with some common problems. Gartner predicted that API abuse will be the most common…

Read more →

This article has been indexed from Security Intelligence In cybersecurity as in most jobs, problems don’t happen one at a time, you’re bound to have a few at once. Speakers at the RSA Conference 2021 talked about this in terms…

Read more →

This article has been indexed from Security Intelligence Ransomware attacks are topping the charts as the most common attack type to target organizations with a constant drumbeat of attacks impacting industries across the board. In fact, IBM Security X-Force has…

Read more →

This article has been indexed from Security Intelligence The recent DarkSide attack makes it clear: no system is safe from ransomware. And while the attackers say they weren’t out to hurt anyone, only to make money, the impact is the…

Read more →

This article has been indexed from Security Intelligence Getting a second opinion is a great idea in both medicine and end-user cybersecurity. Two-factor authentication (2FA) and multifactor authentication (MFA) are powerful tools in the fight against all kinds of cyberattacks…

Read more →

This article has been indexed from Security Intelligence The year 2020 — with all its tumult — ushered in a massive shift in the way most companies work. Much of that transformation included migrating to cloud, with some statisticians reporting…

Read more →

This article has been indexed from Security Intelligence As more companies start to use the cloud, the threat of a data breach and the rules and fines that go with it has only grown. Therefore, companies and agencies need to…

Read more →

This article has been indexed from Security Intelligence Throughout my lifetime, I’ve wondered on many occasions how my life would have changed had I made a different decision at a critical point — picked a different college, taken a different…

Read more →

This article has been indexed from Security Intelligence A cybersecurity researcher discovered a new category of Wi-Fi vulnerabilities recently. But the surprising news is that this new category is actually very old. Called FragAttacks, these 12 Wi-Fi vulnerabilities have existed since the…

Read more →

This article has been indexed from Security Intelligence You’ve seen the memes and the warnings on social media — answering questions about your life history is ruining your password safety. It’s giving the bad guys the information they need to…

Read more →

This article has been indexed from Security Intelligence In mid-May, one of the largest insurance companies in the U.S. paid $40 million to ransomware attackers. Two people familiar with the matter told Bloomberg that the malicious actors stole an undisclosed…

Read more →

This article has been indexed from Security Intelligence Small- and medium-sized businesses can be victims of digital attacks as much as global ones can. In fact, 88% of small business owners think they’re open to a cyberattack. In response, startups must…

Read more →

This article has been indexed from Security Intelligence In the last hour, I’ve used my phone to take pictures of my teenagers, spy on my dogs while I was out of the house, pay my electric bill and watch a…

Read more →

This article has been indexed from Security Intelligence Security professionals keep busy. Before you can patch a vulnerability, you need to decide how important it is. How does it compare to the other problems that day? Choosing which jobs to…

Read more →

This article has been indexed from Security Intelligence As cyberattacks speed up and become more complex, defenders need to do the same. One large component of this is privileged access management, or PAM. But PAM itself is always evolving. So…

Read more →

This article has been indexed from Security Intelligence In the ever-growing software ecosystem, successful products need to have great performance, security, maintainability and usability. For the people who deliver those products, quality assurance, time to market and cost matter most.…

Read more →

This article has been indexed from Security Intelligence Home is where the ‘smart’ is. A recent study revealed the average American household has 25 connected or Internet of Things (IoT) devices. The number of consumers who have smart home devices…

Read more →

This article has been indexed from Security Intelligence In a recent collaboration to investigate a rise in malware infections featuring a commercial remote access trojan (RAT), IBM Security X-Force and Cipher Tech Solutions (CT), a defense and intelligence security firm,…

Read more →

This article has been indexed from Security Intelligence Some of you love it and some of you hate it, but at this point it should come as no surprise that .NET tradecraft is here to stay a little longer than…

Read more →

This article has been indexed from Security Intelligence Security information and event management (SIEM) solutions continue to evolve, as shown in the 2021 Gartner Magic Quadrant for SIEM, which is a great representation of the changing security landscape and the…

Read more →

This article has been indexed from Security Intelligence On July 2, 2021, Kaseya customers were notified of a compromise affecting the company’s VSA product in a way that poisoned the product’s update mechanism with malicious code. VSA is a remote…

Read more →

This article has been indexed from Security Intelligence Operational Technology Threats in 2021: Ransomware, Remote Access Trojans and Targeted Threat Groups Organizations with operational technology (OT) networks face many unique — and often complicated — considerations when it comes to…

Read more →

This article has been indexed from Security Intelligence A lot has changed since the creation of the Open Systems Interconnection (OSI) model. The OSI model dates back to the mid-1970s, designed to serve as a common basis for system interconnection…

Read more →

This article has been indexed from Security Intelligence In a world in which bad news dominates, social engineering scams that carry a promise of good news can be incredibly lucrative for cyber criminals.  In one recent example, fraudsters set up…

Read more →

This article has been indexed from Security Intelligence Offensive security professionals have been using Frida for analyzing iOS and Android mobile applications. However, there has been minimal usage of Frida for desktop operating systems such as Windows. Frida is described…

Read more →

This article has been indexed from Security Intelligence Cybersecurity careers are a buzzy topic lately, with more people needed and salaries competitive. How do you make yourself stand out in this field and find a career you both love and…

Read more →

This article has been indexed from Security Intelligence IBM Security X-Force researchers studied the botnet activity of a malware variant that is used by cyber crime groups to illegally mine cryptocurrency. Examining two ShellBot botnets that appeared in attacks honeypots…

Read more →

This article has been indexed from Security Intelligence Our travels through the OSI seven layers of networking have shown that each layer has specific weaknesses and angles of attack. In turn, each has its best defenses. Now, we’ve come to the…

Read more →

This article has been indexed from Security Intelligence Let’s say you’re planning a train robbery in the Old West. Your posse can jump on board at the station, on the route or at the last stop. The same is true of…

Read more →

This article has been indexed from Security Intelligence If your work touches on the world of software development, you’ve likely heard the saying ‘software is eating the world’ by engineer/investor Marc Andreessen. He argued that building software was becoming the…

Read more →

This article has been indexed from Security Intelligence Contributed to this research: Segev Fogel, Amir Gendler and Nethanella Messer.   IBM Trusteer researchers continually monitor the evolution and attack tactics in the banking sector. In a recent analysis, our team…

Read more →

This article has been indexed from Security Intelligence Phishing attacks, insider threats, denial of service disruptions, malware and ransomware — cybersecurity incidents like these happen on a daily basis. For most of these incidents, the onsite IT team will remediate…

Read more →

This article has been indexed from Security Intelligence Working as security consultants is highly rewarding. Companies depend on us to view their environment from the perspective of an attacker and find vulnerabilities that could enable threats to succeed. One of…

Read more →

This article has been indexed from Security Intelligence If zero trust is the brain that watches out for the health of the digital body, extended detection and response (XDR) serves as the nerves that bring it information. And as the…

Read more →

This article has been indexed from Security Intelligence In our journey through the Open Systems Interconnection (OSI) seven layers of networking, the OSI session layer is a gatekeeper that manages the connection between applications. In other words, we are past…

Read more →

This article has been indexed from Security Intelligence Imagine being able to manage hundreds of millions of IDs and process billions of logins and other transactions per day. That’s what you can achieve for your organization by using consumer identity…

Read more →

This article has been indexed from Security Intelligence How many online accounts did you open during the pandemic? A new survey examines the impact of this digital surge on risk to consumers and businesses alike. The unexpected nature of a…

Read more →

This article has been indexed from Security Intelligence As I help my two teenagers figure out what to do after high school, I wonder when a certification is better than a four-year degree. I’ve seen firsthand the pressure among their…

Read more →

This article has been indexed from Security Intelligence As we’ve talked about in the rest of this series, there are several ways to use the Open Systems Interconnection (OSI) seven layers of networking model to help us secure our networks and…

Read more →

This article has been indexed from Security Intelligence I found my 17-year-old son happily playing video games last year when he was supposed to be in virtual school. But after a few questions, I learned he wasn’t skipping school. His…

Read more →

This article has been indexed from Security Intelligence The COVID-19 pandemic has shifted the way we work, and a large variety of teams have either gone virtual or hybrid, working remotely in some capacity, including IT and security teams. In…

Read more →

This article has been indexed from Security Intelligence As we emerge from the pandemic, organizations will confront a new world of business travel and a new world of cybersecurity tips for travelers. What has changed? What hasn’t changed?  The particular…

Read more →

This article has been indexed from Security Intelligence Networks are the foundation of today’s connected world. They allow millions of people, devices, apps and systems to talk with one another every minute of the day. Without networks, modern communication as…

Read more →

This article has been indexed from Security Intelligence Two years ago, a group of tech companies introduced a new roadmap for cloud computing security. Confidential computing “uses hardware-based techniques to isolate data, specific functions, or an entire application from the…

Read more →

This article has been indexed from Security Intelligence Every time I start to put my information into an online form, especially if it’s my credit card number or a banking transaction, I almost always pause. There was a time when…

Read more →

This article has been indexed from Security Intelligence In December 2020, a nation-state attack on the SolarWinds network management system compromised the supply chains of over 18,000 organizations, including the Pentagon and the Department of Homeland Security. With costs likely…

Read more →

This article has been indexed from Security Intelligence As an IT leader in charge of database engineering and database audit and compliance for a Fortune 50 American company with millions of customers, I know that there are potential risks and…

Read more →

This article has been indexed from Security Intelligence Cyber crime gangs have been operating for years, but in recent months, they’ve shifted tactics. They’ve embraced new technologies, exploited new opportunities, delivered new payloads and sought out new targets. Their aim…

Read more →

This article has been indexed from Security Intelligence Some online experiences are so bad that 25% of users abandon an application after first use and never return. To avoid this retention problem, you should offer better engagement to your customers…

Read more →

This article has been indexed from Security Intelligence Many companies around the world with industrial operations environments, commonly referred to as operational technology (OT) environments, do not invest the same resources to protect OT systems as they do to secure…

Read more →

This article has been indexed from Security Intelligence Cloud computing introduced a paradigm shift in how companies operated, maintained and spent on IT. Through its varied service models (IaaS, PaaS and SaaS), it offers companies the ability to spin up…

Read more →

This article has been indexed from Security Intelligence One of the first questions I ask when working with an organization is “Why are you interested in making FAIR (Factor Analysis of Information Risk) a part of your standard risk management…

Read more →

This article has been indexed from Security Intelligence Networking models help us understand the ‘lay of the land’ when it comes to protecting the network. In our journey through the Open Systems Interconnection (OSI) framework, we’ve arrived at the last…

Read more →

This article has been indexed from Security Intelligence Cybersecurity workers are very proud of their certifications. Just check their email signatures for the alphabet of them: CISSP (certified information systems security professional), CISM (certified information security manager) and CCISO (certified chief…

Read more →

This article has been indexed from Security Intelligence A ransomware attack can hurt employee morale in unique ways compared to other types of attacks. Depending on how the company reacts, employee morale can drop, and security teams become less effective.…

Read more →

This article has been indexed from Security Intelligence I’d wager few people had ever heard of Oldsmar, Florida, prior to 2021. That all changed in February when the city made headlines. The reason? An Internet of things (IoT) security incident…

Read more →

This article has been indexed from Security Intelligence We’ve all heard dire predictions about the future of cybersecurity trends, especially cloud security. Internet of things (IoT) environments will expand the attack surface beyond control and encourage breaches. Hybrid offices will…

Read more →

This article has been indexed from Security Intelligence Today’s top innovations are on the schedule for RSA Conference 2021. While you’re attending the virtual conference, what should be on the top of your list? Here are eight trends shaping our…

Read more →

This article has been indexed from Security Intelligence Among the many important aspects of Internet of things (IoT) security, live cameras are one of the most open to misuse. People have been video snooping, watching private cameras and doing other…

Read more →

This article has been indexed from Security Intelligence Cloud security and web application security demand technology and practices that protect applications and data hosted remotely. Good old-fashioned data encryption is chief among these. The reasons for encrypting cloud data, of…

Read more →

This article has been indexed from Security Intelligence Keeping student data safe and maintaining information security in education are part of living in today’s world for educators. Why is it important to include data security in their work? Find an…

Read more →

This article has been indexed from Security Intelligence Over the years, the term ransomware has taken on a new meaning for many businesses and local governments. This used to be considered a relatively new and emerging form of malware. Now, attackers have…

Read more →

This article has been indexed from Security Intelligence Ever been on a website, ready to check out, only to encounter multiple fields to fill at once? Did the process frustrate you and make you close the page without completing your…

Read more →

This article has been indexed from Security Intelligence What does the rise of remote security operations centers (SOCs) mean for cybersecurity jobs? The longer people work from home during the pandemic, the more they rate remote working a success for…

Read more →

This article has been indexed from Security Intelligence How many different ways can data be compromised? First, both external and internal threats can target it. External threats can come in the form of malware or ransomware. Meanwhile, internal threats can…

Read more →