May 28, 2019

Sodinokibi Ransomware Fixes Scaling Issues, Targets Large Enterprises

2 min read - Recent variants of Sodinokibi accounted for scaling issues as the ransomware family steadily moves to target large enterprises.

CISO May 28, 2019

Interns and Social Media: A Goldmine for Hackers

7 min read - A social media post from one of a company's interns was all this people hacker needed to enter a secure area with a counterfeit employee badge.

Threat Intelligence May 16, 2019

The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015

6 min read - Despite the rise in vulnerability reporting, cryptojacking attacks and attacks on critical infrastructure, one threat trend has been on the decline.

May 14, 2019

Updated Version of KPOT Stealer Available for Purchase on Underground Hacking Forums

2 min read - Researchers observed cybercriminals selling an updated version of the KPOT stealer on some underground hacking forums.

Software Vulnerabilities May 1, 2019

Penetration Testing Versus Red Teaming: Clearing the Confusion

6 min read - There is some confusion in cybersecurity as to the difference between penetration testing and red teaming. Since all businesses have vastly different security needs, the distinction is critical.

April 29, 2019

Latest Emotet Variant Wielding Connected Devices as First-Layer C&C Servers

2 min read - A new variant of the Emotet banking malware is using compromised connected devices as first-layer command-and-control (C&C) servers.

Energy & Utility April 25, 2019

Industrial Control Systems Security: To Test or Not to Test?

6 min read - According to X-Force Red data, the number of vulnerabilities exposing industrial control systems has increased 83 percent since 2011. Should organizations test them and risk destabilizing operations?

April 17, 2019

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

2 min read - According to a new U.K.-based study, 100 percent of test spear phishing attacks gained access to sensitive university data in less than two hours.

Data Protection April 1, 2019

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

4 min read - Healthcare security is going to play a huge role if the utopian vision of a purely digital healthcare ecosystem is going to be realized.

Security Services March 29, 2019

How Chris Thomas Paired His Passion for Blockchain With Pen Testing

2 min read - Chris Thomas, X-Force Red's blockchain security expert, has always had an interest in understanding how technologies are built and operated.