Throughout the US Open Tennis Championship, the infrastructure for USOpen.org and the mobile apps can see upwards of 3 million security events. While the vast majority of events are not…
Browsing Categorythreat hunting
Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program
You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s…
Security Obscurity Versus Ethical Hackers: Who’s Right?
Security breaches can lead to damage to a business’s finances, operations and reputation. What many companies might fear most is the latter: damage to their reputation. This may explain why…
What Cybersecurity Teams Can Learn From the US Cyber Command’s ‘Hunt Forward’
After decades of playing defense, the United States government went on the offense in the past few years against global state-sponsored cyber attackers. U.S. Cyber Command conducted “hunt forward” operations…
Digital Shadows Weaken Your Attack Surface
Every tweet, text, bank transaction, Google search and DoorDash order is part of your digital shadow. We all have one, and the contents of your shadow aren’t always private. For…
Countdown to Ransomware: Analysis of Ransomware Attack Timelines
This research was made possible through the data collection efforts of Maleesha Perera, Joffrin Alexander, and Alana Quinones Garcia. Key Highlights The average duration of an enterprise ransomware attack reduced…
Black Basta Besting Your Network?
This post was written with contributions from Chris Caridi and Kat Weinberger. IBM Security X-Force has been tracking the activity of Black Basta, a new ransomware group that first appeared…
How Dangerous Is the Cyber Attack Risk to Transportation?
If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and…
MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?
The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or as MITRE refers to them…
The Growing Danger of Data Exfiltration by Third-Party Web Scripts
The theft of personal or sensitive data is one of the biggest threats to online business. This danger, data exfiltration or data extrusion, comes from a wide variety of attack…