The search to find the mastermind of the attacker group Lapsus$ led to a home outside Oxford, England. The suspected leader was a 16-year-old. He helped take down some of the world’s biggest companies, including Microsoft, from his mother’s house. The BBC reported the teen is alleged to have earned $14 million from his attacks. […]

The post How and Why Do Teens Become Cyber Criminals? appeared first on Security Intelligence.

https://securityintelligence.com/articles/why-teens-become-cyber-criminals/

Major cyberattacks since 2019 jolted the U.S. government and software industry into action. The succeeding years have seen executive orders, new funding, two summits and a newfound resolve. Because of those attacks, the federal government aims to fix the open-source software security threat altogether. But what has really come of these efforts in the last […]

The post How Cybersecurity Policy Has Changed Since the SolarWinds Attack appeared first on Security Intelligence.

https://securityintelligence.com/articles/how-cybersecurity-policy-changed-since-solarwinds-attacks/

Search engine optimization (SEO) is a long game. Improving your website to rank higher on search engine results pages helps you attract more traffic. Plus, it helps build a trustworthy reputation. But, some people want to take shortcuts by using what’s known as black hat SEO. If this happens, your business could pay the price. […]

The post Black Hat SEO: Is Someone Phishing With Your Site Domain? appeared first on Security Intelligence.

https://securityintelligence.com/articles/black-hat-seo-phishing-with-your-site-domain/

If there is one type of cyberattack that can drain the color from any security leader’s face, it’s ransomware. A crippling, disruptive, and expensive attack to recover from, with final costs rarely being easy to foretell. Already a prevalent threat, the number of ransomware attacks rose during the pandemic and nearly doubled in the year […]

The post The Ransomware Playbook Mistakes That Can Cost You Millions appeared first on Security Intelligence.

https://securityintelligence.com/posts/ransomware-playbook-mistakes-cost-you-millions/

You’ve heard all about shadow IT, but there’s another shadow lurking on your systems: Internet of Things (IoT) devices.  These smart devices are the IoT in shadow IoT, and they could be maliciously or unintentionally exposing information. Threat actors can use that to access your systems and sensitive data, and wreak havoc upon your company. […]

The post Beyond Shadow IT: Expert Advice on How to Secure the Next Great Threat Surface appeared first on Security Intelligence.

https://securityintelligence.com/articles/secure-shadow-it-tiktok-secengineer/

In the cybersecurity field, large databases of known threats and vulnerabilities have often been an essential resource. These catalogs show you where to focus your efforts. They’re also a good tool for prioritizing patches to increase security and mitigate the risk of disaster. As a result, these databases need to be reliable and up-to-date and […]

The post CISA or CVSS: How Today’s Vulnerability Databases Work Together appeared first on Security Intelligence.

https://securityintelligence.com/articles/cisa-cvss-which-vulnerability-database/

A comparative analysis performed by IBM Security X-Force uncovered evidence that suggests Bumblebee malware, which first appeared in the wild last year, was likely developed directly from source code associated with the Ramnit banking trojan. This newly discovered connection is particularly interesting as campaign activity has so far linked Bumblebee to affiliates of the threat […]

The post From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers appeared first on Security Intelligence.

https://securityintelligence.com/from-ramnit-to-bumblebee-via-neverquest/

IBM Security and the Ponemon institute release an annual report known as one the most significant industry benchmarks. The Cost of a Data Breach analysis examines real-world breaches in great detail, producing insights into the factors that impact the cost of cyber-attacks. In the 2022 report just released, the healthcare sector stands out for extremely […]

The post Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High appeared first on Security Intelligence.

https://securityintelligence.com/posts/healthcare-data-breaches-costliest/

This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities. The OT cyber threat landscape […]

The post X-Force 2022 Insights: An Expanding OT Threat Landscape appeared first on Security Intelligence.

https://securityintelligence.com/posts/expanding-ot-threat-landscape-2022/

Today, many leading industries and modern enterprises have switched from processing and acting on data stored in databases to data in flight. How? Through real-time applications. One way to enable this is WebSocket, but it comes with vulnerabilities as well.  What Is WebSocket? Real-time applications operate within an immediate time frame; sensing, analyzing and acting […]

The post How to Remediate a Cross-Site WebSocket Vulnerability appeared first on Security Intelligence.

https://securityintelligence.com/posts/how-to-remediate-cross-site-websocket-vulnerability/

An insidious issue has been slowly growing under the noses of IT admins and security professionals for the past twenty years. As companies evolved to meet the technological demands of the early 2000s, they became increasingly dependent on vulnerable technology deployed within their internal network stack. While security evolved to patch known vulnerabilities, many companies […]

The post How to Compromise a Modern-Day Network appeared first on Security Intelligence.

https://securityintelligence.com/posts/how-to-compromise-modern-day-network/

For full details on this research, see the X-Force Red whitepaper “Controlling the Source: Abusing Source Code Management Systems”. This material is also being presented at Black Hat USA 2022. Source Code Management (SCM) systems play a vital role within organizations and have been an afterthought in terms of defenses compared to other critical enterprise […]

The post Controlling the Source: Abusing Source Code Management Systems appeared first on Security Intelligence.

https://securityintelligence.com/posts/abusing-source-code-management-systems/

For threat actors, phishing embodies the holy trinity of goals: easy, effective and profitable. It’s no wonder that the 2022 X-Force Threat Intelligence Index reports that phishing was the top method used by attackers to breach an organization. Of all the attacks that X-Force remediated in 2021, attackers used phishing in 41% of them. Because […]

The post Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing? appeared first on Security Intelligence.

https://securityintelligence.com/articles/what-is-spear-phishing-whaling-barrel-phishing/

The metaverse is a hot topic, and it’s easy to see why. It promises a 3D model of the internet, where virtual reality (VR) and mixed reality offer endless escapism. It provides a place parallel to the physical world where you can live a rich digital life: hang out with friends, shop for real or […]

The post Cybersecurity and the Metaverse: Patrolling the New Digital World appeared first on Security Intelligence.

https://securityintelligence.com/posts/metaverse-cybersecurity-concerns/

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on […]

The post Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program appeared first on Security Intelligence.

https://securityintelligence.com/posts/black-hat-2022-how-to-build-threat-hunting-program/

The average cost of a data breach reached an all-time high of $4.35 million this year, according to newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020.

The post What’s New in the 2022 Cost of a Data Breach Report appeared first on Security Intelligence.

https://securityintelligence.com/posts/whats-new-2022-cost-of-a-data-breach-report/

More than a year ago, a ransomware attack made the news across the nation. The Colonial Pipeline Company announced on May 7, 2021, that the DarkSide Ransomware-as-a-Service group, based in eastern Europe, had hit it. The FBI has since confirmed DarkSide, which has since shut down, as the threat actors. What’s changed about U.S. cyber […]

The post U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack appeared first on Security Intelligence.

https://securityintelligence.com/articles/cybersecurity-policy-changed-since-colonial-pipeline-attack/

It was considered the “largest ever” internet attack in 2002. This distributed denial of service attack hit seven of the 13 servers at the top of the internet’s domain name system hierarchy. Now, 20 years later, its origins remain mysterious, but its methods and size still make it stand out. It isn’t the largest by […]

The post 20 Years Ago in Cybersecurity: Massive DDoS Attack Hits the Roots of the Internet appeared first on Security Intelligence.

https://securityintelligence.com/articles/20-years-cybersecurity-largest-ever-ddos-attack/

After decades of playing defense, the United States government went on the offense in the past few years against global state-sponsored cyber attackers. U.S. Cyber Command conducted “hunt forward” operations recently in 16 countries, including in Ukraine, as part of a policy set in 2018.  This policy involves partnering with foreign countries on finding cyber […]

The post What Cybersecurity Teams Can Learn From the US Cyber Command’s ‘Hunt Forward’ appeared first on Security Intelligence.

https://securityintelligence.com/articles/what-cybersecurity-teams-learn-us-cyber-command-hunt-forward/

This post was written with contributions from Andrew Gorecki, Camille Singleton and Charles DeBeck. May and June bring warm weather, backyard barbecues and, in recent years, an uptick in ransomware attacks. Why? “It’s possible workers are distracted because the sun is out and kids are out of school,” said Charles DeBeck, a former senior strategic […]

The post 5 Essential Steps for Every Ransomware Response Plan appeared first on Security Intelligence.

https://securityintelligence.com/posts/5-essential-steps-every-ransomware-response-plan/