On the morning of July 9, 2012, the world braced for an “internet doomsday”: a full-scale crash of the global internet.  Except it didn’t happen. And that non-event represented the culmination of a long and successful coordinated action taken between a huge number of organizations, spearheaded by the FBI.  It was one of the most […]

The post How the DNSChanger Shutdown Changed Cybersecurity appeared first on Security Intelligence.

https://securityintelligence.com/articles/how-dnschanger-shutdown-changed-cybersecurity/

Threat actors — and particularly ransomware attackers — have education institutions in their crosshairs. From Vice Society’s September attack on schools in California to Snach’s late October assault on schools in Wisconsin, threat actors are not holding back when it comes to preying on schools. K-12 schools are the most vulnerable within the education industry, […]

The post Defending Education from Cyber Threat Attackers appeared first on Security Intelligence.

https://securityintelligence.com/posts/defending-education-cyber-threat-attackers/

Not so long ago, the Mac was thought to be impervious to viruses. In fact, Apple once stated on its website that “it doesn’t get PC viruses”. But that was before the Mac OS X Trojan Flashback malware appeared in 2012. Since then, Mac and iPhone security issues have changed dramatically — and so has […]

The post How the Mac OS X Trojan Flashback Changed Cybersecurity appeared first on Security Intelligence.

https://securityintelligence.com/articles/how-mac-trojan-flashback-changed-cybersecurity/

Not so long ago, the Mac was thought to be impervious to viruses. In fact, Apple once stated on its website that “it doesn’t get PC viruses”. But that was before the Mac OS X Trojan Flashback malware appeared in 2012. Since then, Mac and iPhone security issues have changed dramatically — and so has […]

The post How the Mac OS X Trojan Flashback Changed Cybersecurity appeared first on Security Intelligence.

https://securityintelligence.com/articles/how-mac-trojan-flashback-changed-cybersecurity-2/

As cyber threats increase in frequency and intensity worldwide, it has never been more crucial for governments and private organizations to work together to identify, analyze and combat attacks. Yet while the federal government has strongly supported this model of private-public information sharing, the reality is less than impressive. Many companies feel that intel sharing […]

The post Overcoming Distrust in Information Sharing: What More is There to Do? appeared first on Security Intelligence.

https://securityintelligence.com/articles/overcoming-distrust-information-sharing/

Each year between June and November, many parts of the U.S. become potential targets for hurricanes. In October 2022, we had Hurricane Ian devastate Florida. To prepare for natural disasters like hurricanes, organizations are encouraged to build out and test business continuity, disaster recovery, and crisis management plans to use in the response efforts. Millions […]

The post What Hurricane Preparedness Can Teach Us About Ransomware appeared first on Security Intelligence.

https://securityintelligence.com/posts/hurricanes-preparedness-ransomware/

In some parts of the world during October, we have Halloween, which conjures the specter of imagined monsters lurking in the dark. Simultaneously, October is Cybersecurity Awareness Month, which evokes the specter of threats lurking behind our screens. Bombarded with horror stories about data breaches, ransomware, and malware, everyone’s suddenly in the latest cybersecurity trends […]

The post Charles Henderson’s Cybersecurity Awareness Month Content Roundup appeared first on Security Intelligence.

https://securityintelligence.com/posts/charles-henderson-cybersecurity-awareness-month/

Cyberattacks seldom happen when it’s convenient. In fact, it’s relatively common for them to occur on weekends or holidays — threat actors capitalize on the fact that there is fewer staff on site, and those who are there are focused on the coming weekend or time off. It’s also not uncommon for attacks of this […]

The post What Drives Incident Responders: Key Findings from the 2022 Incident Responder Study appeared first on Security Intelligence.

https://securityintelligence.com/posts/key-findings-2022-incident-responder-study/

There are two kinds of companies in the world: those that have been breached by unethical hackers, and those that have been breached and don’t know it yet. Hackers are relentless. Today’s cyberattacks have evolved into high-level espionage perpetrated by robust criminal organizations or nation-states. In the era of software as a service (SaaS), enterprise […]

The post How to Keep Your Secrets Safe: A Password Primer appeared first on Security Intelligence.

https://securityintelligence.com/posts/how-to-keep-secrets-safe-password-primer/

“New and improved” is the refrain of progress, but new technology doesn’t always turn out to be an improvement. In the case of the evolution from Web2 to Web3, a former hacker revealed how recent changes have created an all-new avenue of potential attack. Recent updates were intended to tighten security. “Due to blockchain technology […]

The post The Dangerous Flaws of Web3 Security, According To a Former Hacker appeared first on Security Intelligence.

https://securityintelligence.com/articles/dangerous-flaws-web3-according-to-hacker/

Command & Control (C2) frameworks are a very sensitive component of Red Team operations. Often, a Red Team will be in a highly privileged position on a target’s network, and a compromise of the C2 framework could lead to a compromise of both the red team operator’s system and control over beacons established on a […]

The post Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1 appeared first on Security Intelligence.

https://securityintelligence.com/posts/analysis-rce-vulnerability-cobalt-strike/

IBM Security X-Force Red took a deeper look at the Google Cloud Platform (GCP) and found a potential method an attacker could use to persist in GCP via the Google Cloud Shell. Google Cloud Shell is a service that provides a web-based shell where GCP administrative activities can be performed. A web-based shell is a […]

The post How an Attacker Can Achieve Persistence in Google Cloud Platform (GCP) with Cloud Shell appeared first on Security Intelligence.

https://securityintelligence.com/posts/attacker-achieve-persistence-google-cloud-platform-cloud-shell/

As a cybersecurity writer, I’m more aware than the average person of the security risks with any connected device. So when I sat in my new car for the first time and saw all the different ways it linked to my phone or my home WiFi, more than a few red flags went up. I […]

The post What You Should Know About the Honda Key Fob Vulnerability appeared first on Security Intelligence.

https://securityintelligence.com/articles/what-to-know-honda-key-fob-vulnerability/

Ransomware gangs are major players in the cybersecurity space, especially in recent years. ZDNet reported that ransomware gangs increased their payments by over 311% from 2019 to 2020, with totals for all groups exceeding $350 million in 2020. Ransoms continued rising in 2021. Unit 42, a threat research team at Palo Alto Networks, found that […]

The post Why Do Ransomware Gangs Keep Coming Back From the Dead? appeared first on Security Intelligence.

https://securityintelligence.com/articles/why-how-ransomware-gangs-come-back/

Over the course of two decades, I’ve seen Incident Response (IR) take on many forms. Cybercrime’s evolution has pulled the nature of IR along with it — shifts in cybercriminals’ tactics and motives have been constant. Even the cybercriminal psyche has completely rebirthed, with more collaboration amongst gangs and fully established ransomware enterprises running. When […]

The post To Cybersecurity Incident Responders Holding the Digital Front Line, We Salute You appeared first on Security Intelligence.

https://securityintelligence.com/posts/cybersecurity-incident-responders-digital-frontline/

As a freelance writer, I spend most of my day working in Microsoft Word. Then, I send drafts to clients and companies across the globe. So, news of the newly discovered Microsoft Office vulnerability made me concerned about the possibility of accidentally spreading malware to my clients. I take extra precautions to ensure that I’m […]

The post Does Follina Mean It’s Time to Abandon Microsoft Office? appeared first on Security Intelligence.

https://securityintelligence.com/articles/follina-vulnerability-abandon-microsoft-office/

The Cybersecurity and Infrastructure Security Agency (CISA) recently published a report highlighting a range of critical security vulnerabilities requiring attention from organizations of all types. The report was published with input from the National Security Agency (NSA) and similar agencies worldwide. It should be considered essential reading.  Many of the vulnerabilities in the report are […]

The post A Response Guide for New NSA and CISA Vulnerabilities appeared first on Security Intelligence.

https://securityintelligence.com/articles/response-guide-nsa-cisa-vulnerabilities/

While cloud computing and its many forms (private, public, hybrid cloud or multi-cloud environments) have become ubiquitous with innovation and growth over the past decade, cybercriminals have closely watched the migration and introduced innovations of their own to exploit the platforms. Most of these exploits are based on poor configurations and human error. New IBM […]

The post Old Habits Die Hard: New Report Finds Businesses Still Introducing Security Risk into Cloud Environments appeared first on Security Intelligence.

https://securityintelligence.com/posts/new-report-finds-businesses-introducing-security-risk-cloud-environments/

In 2019, Google released a synthetic speech database with a very specific goal: stopping audio deepfakes.  “Malicious actors may synthesize speech to try to fool voice authentication systems,” the Google News Initiative blog reported at the time. “Perhaps equally concerning, public awareness of “deep fakes” (audio or video clips generated by deep learning models) can […]

The post We’re Entering the Age of Unethical Voice Tech appeared first on Security Intelligence.

https://securityintelligence.com/articles/entering-age-unethical-voice-tech-deepfakes/

IBM Security Managed Detection and Response (MDR) observations coupled with IBM Security X-Force malware research sheds additional light on the mysterious objectives of the operators behind the Raspberry Robin worm. Based on a comparative analysis between a downloaded Raspberry Robin DLL and a Dridex malware loader, the results show that they are similar in structure […]

The post Raspberry Robin and Dridex: Two Birds of a Feather appeared first on Security Intelligence.

https://securityintelligence.com/posts/raspberry-robin-worm-dridex-malware/