In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged…
Browsing Category: Incident Response
Breaking Down a Cyberattack, One Kill Chain Step at a Time
In today’s wildly unpredictable threat landscape, the modern enterprise should be familiar with the cyber kill chain concept. A cyber kill chain describes the various stages of a cyberattack pertaining…
Defining the Cobalt Strike Reflective Loader
The Challenge with Using Cobalt Strike for Advanced Red Team Exercises: While next-generation AI and machine-learning components of security solutions continue to enhance behavioral-based detection capabilities, at their core many…
What is a Red Teamer? All You Need to Know
A red teamer is a cybersecurity professional who works to help companies improve IT security frameworks by attacking and undermining those same frameworks, often without notice. The term “red teaming”…
The Role of Marketing and PR in Incident Response
Responding to a cyber incident requires teamwork across departments and disciplines. Technical incident responders must work to halt incoming attacks while the communications teams develop a public response. Clear communication…
How Breached Companies Become the Face of Change
I’ve always told my kids that everyone makes mistakes. What really matters is how you handle them and that you learn from what happened. SolarWinds followed the same thinking in…
What is an Incident Response Professional?
As part of our ongoing series highlighting various roles in the cybersecurity industry, this article shines the light on the incident response professional. While there are many misconceptions surrounding the…
Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023
Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis…
Why Crowdsourced Security is Devastating to Threat Actors
Almost every day, my spouse and I have a conversation about spam. Not the canned meat, but the number of unwelcomed emails and text messages we receive. He gets several…