EXCLUSIVE

Advanced Threats October 13, 2021

Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds

IBM X-Force has been tracking the activity of ITG23, a prominent cybercrime gang also known as the TrickBot Gang and Wizard Spider. Researchers are seeing an aggressive expansion of the gang’s malware distribution channels, infecting enterprise users with Trickbot and…

How the 2011 DigiNotar Attacks Changed Cybersecurity for the Next Decade

The DigiNotar attack in 2011 set itself apart because it was an attack on the cybersecurity industry itself. Most attacks are on a single company. But this one shook trust in cybersecurity tools and how users decide whom to trust…

Mobile Security October 22, 2021

Cybersecurity Training: Why You Should Train Employees on Social Media Discretion

A few years ago, I was invited on a behind-the-scenes tour of the security operations of a well-known Las Vegas casino. Before we could enter, however, we had to turn off our phones and put them away. No pictures, we…

Data Protection October 21, 2021

Database Security Best Practices: The Essential Guide

In 2021, an F-35 fighter jet is more likely to be taken out by a cyberattack than a missile. In the digital age, the threat of an attack is everywhere and constantly growing. If your company or agency fails to…

CISO October 21, 2021

Non-Traditional Cybersecurity Career Paths: Entering the Industry

There are lots of ways organizations can work to address the cybersecurity skills gap. Working with young people, providing skilling for students and implementing zero trust helps. So does amplifying gender diversity and promoting respect in the workplace. Organizations can…

Intelligence & Analytics October 20, 2021

Detections That Can Help You Identify Ransomware

One of the benefits of being part of a global research-driven incident response firm like X-Force Incidence Response (IR) is that the team has the ability to take a step back and analyze incidents, identifying trends and commonalities that span…

Timeline

State and Local Government Cyberattacks Timeline

State and local governments face malicious actors who target personal information and key services, endangering both citizens and critical infrastructure. Explore this timeline for a sense of the evolving landscape, attack patterns and prevention best practices.

EXPLORE THE TIMELINE

What Is Proactive Cybersecurity?

Most organizations take what you might call an active approach to cybersecurity, They’re prepared to do certain things once an attack happens. Or, they take a reactive approach, taking action after an attack is completed. A proactive cybersecurity strategy is…

Application Security October 20, 2021

Exploring the Costs, Risks and Causes of a Government Data Breach

In nearly every part of the world, people associate the word ‘government’ with order. Government services bring societal order, economic stability and security at all levels. However, the past decade of data breaches has challenged this. Federal and local governments…

Data Protection October 19, 2021

Passwordless Authentication Is Here: What Do You Need to Know?

Passwords are becoming a dying breed. In a recent article from Microsoft, they announced that they are putting aside their decades-old practice of forcing users to sign in with a password to use the business and personal applications suite —…

Incident Response October 18, 2021

A Journey in Organizational Resilience: Training and Testing

We are far from a breach-free world. After all, even cybercriminals have shown their own form of resilience. For example, after a short hiatus, the ransomware group REvil came back in September 2021. Until the day we can leave our…

CISO October 18, 2021

Cybersecurity Careers: Awareness, Opportunities and Retention

This week, Cybersecurity Awareness Month focuses on cybersecurity careers and jobs in the industry, with a simple tagline: Explore. Experience. Share. Check out NIST’s workshops and toolkits for Career Week. For cybersecurity and IT workers, if you want to position…

Web Stories

Data breach costs hit record highs

Ransomware: What you don’t know

Getting started with zero trust

Cybersecurity in the age of COVID

Ransomware rules

Latest Podcast

Season 1 |Episode 4

Developing a Cloud Security Strategy

Playlist 3 |Episode 19

Training with Chaos Engineering

Playlist 3 |Episode 18

Time Is (Still) Money and Other Findings from the 2020 Cost of a Data Breach Report

Playlist 3 |Episode 17

Contextualizing Zero Trust

Playlist 3 |Episode 16

Recent Activity from ITG16, a North Korean Threat Group

Playlist 3 |Episode 15

Consumer Identity and Access Management (CIAM): Reducing Friction Without Reducing Security

Playlist 3 |Episode 14

Exploring the Impact of the ITG08 Threat Group

Playlist 3 |Episode 13

Creating AI Without Bias

Playlist 3 |Episode 12

Current Trends in the Threat Intelligence Landscape

Playlist 3 |Episode 11

Verify to Simplify: Demystifying Zero Trust