Exclusive

Mobile Security January 10, 2023

A View Into Web(View) Attacks in Android

James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks…

Third-Party App Stores Could Be a Red Flag for iOS Security

4 min read - Even Apple can’t escape change forever. The famously restrictive company will allow third-party app stores for iOS devices, along with allowing users to “sideload” software directly. Spurring the move is the European Union’s (EU) Digital Markets Act (DMA), which looks…

Data Protection January 26, 2023

Defensive Driving: The Need for EV Cybersecurity Roadmaps

4 min read - As the U.S. looks to bolster electric vehicle (EV) adoption, a new challenge is on the horizon: cybersecurity. Given the interconnected nature of these vehicles and their reliance on local power grids, they’re not just an alternative option for getting…

Government January 25, 2023

Who Will Be the Next National Cyber Director?

4 min read - After Congress approved his nomination in 2021, Chris Inglis served as the first-ever National Cyber Director for the White House. Now, he plans to retire. So who’s next? As of this writing in January of 2023, there remains uncertainty around…

Web Stories

Cyber threats: What’s new, old and trending

Data breach costs hit record highs

Ransomware: What you don’t know

Getting started with zero trust

Cybersecurity in the age of COVID

Kronos Malware Reemerges with Increased Functionality

6 min read - The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of…

Risk Management January 24, 2023

Too Much Caffeine? Phishing-as-a-Service Makes Us Jittery

2 min read - Recently, investigators at Mandiant discovered a new software platform with an intuitive interface. The service has tools to orchestrate and automate core campaign elements. Some of the platform’s features enable self-service customization and campaign tracking. Sounds like a typical Software-as-a-Service…

CISO January 24, 2023

Everyone Wants to Build a Cyber Range: Should You?

7 min read - In the last few years, IBM X-Force has seen an unprecedented increase in requests to build cyber ranges. By cyber ranges, we mean facilities or online spaces that enable team training and exercises of cyberattack responses. Companies understand the need…

Timeline

State and Local Government Cyberattacks Timeline

State and local governments face malicious actors who target personal information and key services, endangering both citizens and critical infrastructure. Explore this timeline for a sense of the evolving landscape, attack patterns and prevention best practices.

EXPLORE THE TIMELINE

An IBM Hacker Breaks Down High-Profile Attacks

5 min read - On September 19, 2022, an 18-year-old cyberattacker known as “teapotuberhacker” (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then…

Risk Management January 23, 2023

Log4j Forever Changed What (Some) Cyber Pros Think About OSS

4 min read - In late 2021, the Apache Software Foundation disclosed a vulnerability that set off a panic across the global tech industry. The bug, known as Log4Shell, was found in the ubiquitous open-source logging library Log4j, and it exposed a huge swath…

Software Vulnerabilities January 20, 2023

Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP”

10 min read - September’s Patch Tuesday unveiled a critical remote vulnerability in tcpip.sys, CVE-2022-34718. The advisory from Microsoft reads: “An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPsec is enabled, which could enable a remote code…

Latest Podcast

Season 2 |Episode 6

Operational Technology Attacks: The Curse of Cassandra or the Hype of Chicken Little?

How far-reaching are cybersecurity threats against operational technology systems? Examine just how impactful the threat to OT might be in this episode of Into the Breach.

Now playing

34:13

ALL Episodes

Featured by topic

Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

Cybersecurity News By Topic By Industry Exclusive Series Threat Research Podcast Events Contact About Us

Security Intelligence

{{title}}

{{title}}

{{title}}

{{title}}

Topics

A View Into Web(View) Attacks in Android

Third-Party App Stores Could Be a Red Flag for iOS Security

Defensive Driving: The Need for EV Cybersecurity Roadmaps

Who Will Be the Next National Cyber Director?

Kronos Malware Reemerges with Increased Functionality

Too Much Caffeine? Phishing-as-a-Service Makes Us Jittery

Everyone Wants to Build a Cyber Range: Should You?

State and Local Government Cyberattacks Timeline

An IBM Hacker Breaks Down High-Profile Attacks

Log4j Forever Changed What (Some) Cyber Pros Think About OSS

Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP”

{{title}}

{{title}}

{{title}}

{{title}}

A View Into Web(View) Attacks in Android

Third-Party App Stores Could Be a Red Flag for iOS Security

Defensive Driving: The Need for EV Cybersecurity Roadmaps

Who Will Be the Next National Cyber Director?

New Survey Shows Burnout May Lead to Attrition

Alleged FBI Database Breach Exposes Agents and InfraGard

Google Ad Scam Makes Millions Using Fake Adult-Only Sites

Kronos Malware Reemerges with Increased Functionality

Too Much Caffeine? Phishing-as-a-Service Makes Us Jittery

Everyone Wants to Build a Cyber Range: Should You?

State and Local Government Cyberattacks Timeline

An IBM Hacker Breaks Down High-Profile Attacks

Log4j Forever Changed What (Some) Cyber Pros Think About OSS

Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP”