In an advisory released on October 24, Microsoft announced ongoing campaigns it has attributed to the Nobelium state-sponsored threat group. IBM X-Force tracks this group as Hive099. If the name sounds familiar, that’s because it is the same group that targeted SolarWinds in 2020. The U.S. government has identified Nobelium as part of Russia’s foreign […]

The post Nobelium Espionage Campaign Persists, Service Providers in Crosshairs appeared first on Security Intelligence.

https://securityintelligence.com/posts/nobelium-espionage-campaign-persists/

One of the benefits of being part of a global research-driven incident response firm like X-Force Incidence Response (IR) is that the team has the ability to take a step back and analyze incidents, identifying trends and commonalities that span geographies, industries and affiliations. Leveraging that access and knowledge against the ransomware threat has revealed […]

The post Detections That Can Help You Identify Ransomware appeared first on Security Intelligence.

https://securityintelligence.com/posts/detections-help-identify-ransomware/

Cybersecurity experts fill our days with terminology from warfare, including jargon such as red team versus blue team. The concept of ‘red team’ has its origin in wargaming. The red team plays an opposing force and attempts to bypass the barriers of the defending or blue team.   These exercises are not about winning or […]

The post When Is an Attack not an Attack? The Story of Red Team Versus Blue Team appeared first on Security Intelligence.

https://securityintelligence.com/articles/red-team-versus-blue-team-attack/

With incidents such as the Colonial Pipeline infection and the Kaseya supply chain attack making so many headlines these days, it can be easy to forget that malicious actors are still preying on individual users. They’re not using ransomware to do that so much anymore, though. Not since the rise of big game hunting, anyway. […]

The post How to Report Scam Calls and Phishing Attacks appeared first on Security Intelligence.

https://securityintelligence.com/articles/how-to-report-scam-calls-phishing-attacks/

IBM X-Force has been tracking the activity of ITG23, a prominent cybercrime gang also known as the TrickBot Gang and Wizard Spider. Researchers are seeing an aggressive expansion of the gang’s malware distribution channels, infecting enterprise users with Trickbot and BazarLoader. This move is leading to more ransomware attacks — particularly ones using the Conti […]

The post Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds appeared first on Security Intelligence.

https://securityintelligence.com/posts/trickbot-gang-doubles-down-enterprise-infection/

In terms of database security, any bad practice is dangerous. Still, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently deemed some behavior as “exceptionally risky.” Are your teams engaged in these high-risk practices? What can you do to mitigate the risk of a data breach? As per CISA, “The presence of these Bad Practices […]

The post CISA Names 3 ‘Exceptionally Dangerous’ Behaviors to Avoid appeared first on Security Intelligence.

https://securityintelligence.com/articles/cisa-three-exceptionally-dangerous-behaviors-to-avoid/

Ransomware is an expensive cybercrime and getting more so all the time. Payouts have risen massively in the past few years. But while ransomware payment amounts make headlines, the real costs go far beyond what’s paid to the attackers.  How Ransomware Works Now Ransomware has always been a problem. But in recent years, attackers have […]

The post The Real Cost of Ransomware appeared first on Security Intelligence.

https://securityintelligence.com/articles/real-cost-of-ransomware/

Why is one of cyber crime’s oldest threats still going strong? The Anti-Phishing Working Group (APWG) reports that January 2021 marked an unprecedented high in the APWG’s records, with over 245,771 phishing attacks in one month. IBM X-Force’s 2021 Threat Intelligence Index found that phishing led to 33% of cyber attacks organizations had to deal […]

The post Phishing Attacks Are Top Cyber Crime Threat, Easier Than Ever to Create and Deploy appeared first on Security Intelligence.

https://securityintelligence.com/posts/phishing-attacks-top-cyber-threat-create-deploy/

Not long after launching a major supply chain attack in July 2021, the REvil ransomware gang went offline. The group’s infrastructure, including its surface and dark web portals used for ransom negotiations and data leaks, shut down on July 12, according to Bleeping Computer. Russian digital crime forum XSS banned Unknown, a user believed to […]

The post What Happens to Victims When a Ransomware Gang Vanishes? appeared first on Security Intelligence.

https://securityintelligence.com/articles/what-happens-victims-when-ransomware-gang-vanishes/

Can having a mature, comprehensive cloud security strategy reduce the impact of data breaches on your organization? Results from the latest Cost of a Data Breach Report indicate that taking this approach might produce potential savings for your business. Among other findings, the report noted that the mature use of security analytics was associated with […]

The post Know the Four Pillars of Cloud Security That Reduce Data Breach Risk appeared first on Security Intelligence.

https://securityintelligence.com/posts/four-pillars-cloud-security-reduce-data-breach-risk/

Moving along our organizational resilience journey, we focus on disaster recovery (DR), the perfect follow-up to business continuity (BC) The two go hand-in-hand, often referenced as BCDR, and both are key to your cyber resilience planning. If you recall from the previous piece, NIST SP 800-34 calls out a separate disaster recovery plan, as it […]

The post A Journey in Organizational Cyber Resilience Part 3: Disaster Recovery appeared first on Security Intelligence.

https://securityintelligence.com/articles/organizational-cyber-resilience-part-3-disaster-recovery/

You’ve probably heard the phrase “you don’t know what you don’t know”. It’s a stage of learning most people find themselves in at one time or another. When it comes to cybersecurity, hackers succeed by finding the security gaps and vulnerabilities you missed. That’s true of malicious attackers. But it’s also true of their equivalent […]

The post 12 Benefits of Hiring a Certified Ethical Hacker appeared first on Security Intelligence.

https://securityintelligence.com/articles/12-benefits-hiring-certified-ethical-hacker/

Cybersecurity professionals are already losing sleep over data breaches and how to best protect their employers from attacks. Now they have another nightmare to stress over — how to spot a deepfake.  Deepfakes are different because attackers can easily use data and images as a weapon. And those using deepfake technology can be someone from […]

The post How to Protect Against Deepfake Attacks and Extortion appeared first on Security Intelligence.

https://securityintelligence.com/articles/how-protect-against-deepfake-attacks-extortion/

Retail data breaches involving customer data happen often today. However, they tend to be smaller insize than health care, finance or government breaches. So, the general public notices them less. Yet, they happen more often than realized. Why? And how can you defend against them?  Human Error in Customer Data Theft All types of retail […]

The post What’s Behind the Leaks of Customer Data From Retailer Databases? appeared first on Security Intelligence.

https://securityintelligence.com/articles/behind-leaks-customer-data-retailer-databases/

Malware can show up where you least expect it. Researchers discovered a logic bomb attack in the Python Package Index (PyPI) repository, which is code repository for Python developers and part of the software supply chain. Attackers aimed to get honest software developers to include the bombs in their applications by accident.  The researchers found […]

The post Cryptominers Snuck Logic Bomb Into Python Packages appeared first on Security Intelligence.

https://securityintelligence.com/articles/cryptominers-snuck-logic-bomb-into-python-packages/

As cybercriminals remain steadfast in their pursuit of unsuspecting ways to infiltrate today’s businesses, a new report by IBM Security X-Force highlights the top tactics of cybercriminals, the open doors users are leaving for them and the burgeoning marketplace for stolen cloud resources on the dark web. The big takeaway from the data is businesses […]

The post X-Force Report: No Shortage of Resources Aimed at Hacking Cloud Environments appeared first on Security Intelligence.

https://securityintelligence.com/posts/x-force-report-hacking-cloud-environments/

Many companies today automate their software development life cycle with continuous integration and continuous delivery (CI/CD). It’s part of the broader DevOps movement to speed software development while reducing errors. Continuous integration builds and tests code automatically, while continuous delivery automates the entire software release process up to production. In order to secure it, industry […]

The post How DevSecOps Can Secure Your CI/CD Pipeline appeared first on Security Intelligence.

https://securityintelligence.com/articles/how-devsecops-secure-cicd-pipeline/