Risk Management January 19, 2023

Synthetic media creates new social engineering threats

4 min read - Social engineering attacks have challenged cybersecurity for years. No matter how strong your digital security, authorized human users can always be manipulated into opening the door for a clever cyber attacker. Social engineering typically involves tricking an authorized user into…

Risk Management June 2, 2022

Recovering Ransom Payments: Is This the End of Ransomware?

4 min read - What’s the best way to stop ransomware? Make it riskier and less lucrative for cyber criminals. Nearly all intruders prefer to collect a ransom in cryptocurrency. But it’s a double-edged sword since even crypto leaves a money trail. Recovering ransomware…

Risk Management May 19, 2022

Malicious Reconnaissance: What It Is and How To Stop It

2 min read - You spend your days getting ready to stop threat actors. But even as you wonder, attackers could already be ‘casing the joint’. Before any well-organized attack, skillful or professional attackers quietly snoop around, looking for chances to gain access. It’s…

Incident Response November 22, 2021

A Journey in Organizational Resilience: Insider Threats

4 min read - Very much like privacy concerns, insider threats may not be the first issue to come to mind when building an enterprise cyber resilience plan. However, they should be. Here is why: because as we noted in the first piece of…

News October 6, 2021

CISA Creates JCDC Agency for U.S. Cyber Defense Operations Plans

2 min read - The Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a new agency on Aug. 6 to lead the development and execution of U.S. cyber defense plans. CISA dubbed the new agency the Joint Cyber Defense Collaborative (JCDC). Its…

Zero Trust September 1, 2021

The OWASP Top 10 Threats Haven’t Changed in 2021 — But Defenses Have

5 min read - The more things change, the more they stay the same. Despite a changing threat landscape and threat actors who keep upping their game, the vulnerabilities behind the threats remain consistent. The OWASP Top 10, ranked by the Open Web Application…

Threat Intelligence August 4, 2021

ITG18: Operational security errors continue to plague sizable Iranian threat group

5 min read - This blog supplements a Black Hat USA 2021 talk given August 2021.  IBM Security X-Force threat intelligence researchers continue to track the infrastructure and activity of a suspected Iranian threat group ITG18. This group’s tactics, techniques and procedures(TTPs) overlap with…

Zero Trust July 21, 2021

Beyond Ransomware: Four Threats Facing Companies Today

4 min read - The recent DarkSide attack makes it clear: no system is safe from ransomware. And while the attackers say they weren’t out to hurt anyone, only to make money, the impact is the same. It could lead to potential disruptions of…

Application Security June 25, 2021

Cloud Security: Navigating the Cloud Migration Journey Successfully

4 min read - During the last decade, conversations about cloud migration and transformation, as well as cloud security, have been ubiquitous among business owners. With Gartner’s most recent forecast of an 18.4% increase in worldwide public spending on cloud services in 2021, totaling…

Malware June 23, 2021

Ursnif Leverages Cerberus to Automate Fraudulent Bank Transfers in Italy

9 min read - Contributed to this research: Segev Fogel, Amir Gendler and Nethanella Messer. IBM Trusteer researchers continually monitor the evolution and attack tactics in the banking sector. In a recent analysis, our team found that an Ursnif (aka Gozi) banking Trojan variant…