You spend your days getting ready to stop threat actors. But even as you wonder, attackers could already be ‘casing the joint’. Before any well-organized attack, skillful or professional attackers…
Posts TaggedSecurity Intelligence
ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups
IBM Security X-Force researchers have continually analyzed the use of several crypters developed by the cybercriminal group ITG23, also known as Wizard Spider, DEV-0193, or simply the “Trickbot Group”. The…
How Dangerous Is the Cyber Attack Risk to Transportation?
If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and…
Avoiding the Unintended Consequences of Strict Cybersecurity Policies
Does the left hand know what the right hand is doing? Or does even the left pinky know what the left ring finger is doing? Problems can easily arise when…
62% of Surveyed Organizations Hit By Supply Chain Attacks in 2021
You’ve heard more about the supply chain in the past two years than you ever expected, or likely wanted. But, as a cybersecurity professional, you now have even more reason…
MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?
The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or as MITRE refers to them…
What Do Financial Institutions Need to Know About the SEC’s Proposed Cybersecurity Rules?
On March 9, the U.S. Securities and Exchange Commission (SEC) announced a new set of proposed rules for cybersecurity risk management, strategy and incident disclosure for public companies. One intent…
New DOJ Team Focuses on Ransomware and Cryptocurrency Crime
While no security officer would rely on this alone, it’s good to know the U.S. Department of Justice is increasing efforts to fight cyber crime. According to a recent address…
The Growing Danger of Data Exfiltration by Third-Party Web Scripts
The theft of personal or sensitive data is one of the biggest threats to online business. This danger, data exfiltration or data extrusion, comes from a wide variety of attack…
Modern Identity and Access Management Makes a Difference, Especially at a Mega-Scale
As businesses embrace more remote users and a hybrid work model, managing user identity and access is more important than ever. Add authentication for millions of third parties and non-employees,…