Endpoint January 5, 2023

3 Reasons to Make EDR Part of Your Incident Response Plan

3 min read - As threat actors grow in number, the frequency of attacks witnessed globally will continue to rise exponentially. The numerous cases headlining the news today demonstrate that no organization is immune from the risks of a breach. What is an Incident…

Risk Management October 10, 2022

What You Should Know About the Honda Key Fob Vulnerability

3 min read - As a cybersecurity writer, I’m more aware than the average person of the security risks with any connected device. So when I sat in my new car for the first time and saw all the different ways it linked to…

Risk Management October 4, 2022

Why Do Ransomware Gangs Keep Coming Back From the Dead?

4 min read - Ransomware gangs are major players in the cybersecurity space, especially in recent years. ZDNet reported that ransomware gangs increased their payments by over 311% from 2019 to 2020, with totals for all groups exceeding $350 million in 2020. Ransoms continued…

Intelligence & Analytics September 21, 2022

How IBM Secured the 2022 US Open

4 min read - Throughout the US Open Tennis Championship, the infrastructure for USOpen.org and the mobile apps can see upwards of 3 million security events. While the vast majority of events are not serious, security analysts must quickly determine which are concerning to…

Government September 15, 2022

A Response Guide for New NSA and CISA Vulnerabilities

3 min read - The Cybersecurity and Infrastructure Security Agency (CISA) recently published a report highlighting a range of critical security vulnerabilities requiring attention from organizations of all types. The report was published with input from the National Security Agency (NSA) and similar agencies…

Incident Response September 13, 2022

We’re Entering the Age of Unethical Voice Tech

4 min read - In 2019, Google released a synthetic speech database with a very specific goal: stopping audio deepfakes. “Malicious actors may synthesize speech to try to fool voice authentication systems,” the Google News Initiative blog reported at the time. “Perhaps equally concerning,…

Risk Management August 30, 2022

How and Why Do Teens Become Cyber Criminals?

4 min read - The search to find the mastermind of the attacker group Lapsus$ led to a home outside Oxford, England. The suspected leader was a 16-year-old. He helped take down some of the world’s biggest companies, including Microsoft, from his mother’s house.…

Government August 29, 2022

How Cybersecurity Policy Has Changed Since the SolarWinds Attack

3 min read - Major cyberattacks since 2019 jolted the U.S. government and software industry into action. The succeeding years have seen executive orders, new funding, two summits and a newfound resolve. Because of those attacks, the federal government aims to fix the open-source…

Risk Management August 25, 2022

Black Hat SEO: Is Someone Phishing With Your Site Domain?

5 min read - Search engine optimization (SEO) is a long game. Improving your website to rank higher on search engine results pages helps you attract more traffic. Plus, it helps build a trustworthy reputation. But, some people want to take shortcuts by using…

Energy & Utility August 16, 2022

X-Force 2022 Insights: An Expanding OT Threat Landscape

9 min read - This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of…