CISO May 28, 2019 Interns and Social Media: A Goldmine for Hackers 7 min read - A social media post from one of a company's interns was all this people hacker needed to enter a secure area with a counterfeit employee badge.
Threat Intelligence May 27, 2019 HawkEye Malware Operators Renew Attacks on Business Users 3 min read - IBM X-Force researchers report an increase in HawkEye v9 keylogger infection campaigns targeting businesses around the world.
Endpoint May 20, 2019 How to Fight Back Against Macro Malware 6 min read - Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?
Advanced Threats May 16, 2019 GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation 4 min read - In an operation crowned "unprecedented," Europol and the DOJ joined forces and successfully dismantled what was left of the GozNym cybercrime gang that attempted to steal well over $100 million.
Threat Intelligence May 16, 2019 The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015 6 min read - Despite the rise in vulnerability reporting, cryptojacking attacks and attacks on critical infrastructure, one threat trend has been on the decline.
Software Vulnerabilities May 2, 2019 Published Exploits for Accessing SAP Systems Put Security Teams on Alert 6 min read - Researchers published two pieces of exploit code that can allow anyone to interact with an organization's SAP enterprise resource planning platform and perform unauthorized transactions.
Software Vulnerabilities May 1, 2019 Penetration Testing Versus Red Teaming: Clearing the Confusion 6 min read - There is some confusion in cybersecurity as to the difference between penetration testing and red teaming. Since all businesses have vastly different security needs, the distinction is critical.
Intelligence & Analytics April 23, 2019 How IBM X-Force IRIS Prepared for the Ukraine Election 7 min read - Before the first round of the Ukraine election in March, we decided that we couldn't afford to sit on our heels until an attack was launched.
Endpoint April 17, 2019 How to Defend Your Organization Against Fileless Malware Attacks 4 min read - Fighting fileless malware attacks will take some serious effort and careful coordination among a variety of tools and techniques.
April 15, 2019 Attackers Use EternalBlue and PowerShell Scripts to Spread Cryptomining Malware Across Asia 2 min read - A cryptomining malware campaign originally discovered in January is now using the EternalBlue exploit to target users in Asia, according to security researchers.