Geek-Guy.com

Tag: Incident Response Plan

Solving the Data Problem Within Incident Response

One of the underappreciated aspects of incident response (IR) is that it often starts as a data problem. In many cases, IR teams are presented with an effect such as malware or adversary activity and charged with determining the cause through the identification of evidence that ties the cause and effect together within an environment […]

The post Solving the Data Problem Within Incident Response appeared first on Security Intelligence.

Everything You Need To Know About Ransomware Attacks and Gangs In 2022

Ransomware is a lucrative business for criminals. It is paying off, and it is working. According to a recent Trend Micro report, a staggering 84% of US organizations experienced either a phishing or ransomware attack in the last year. The average ransomware payment was over $500,000. Bad actors want to keep cashing in. So they’re […]

The post Everything You Need To Know About Ransomware Attacks and Gangs In 2022 appeared first on Security Intelligence.

Cyber Warfare: What To Expect in 2022

Cyberwarfare is not a future threat—it’s a clear and present danger. While the concept of cyber terrorism might sound like something from a fictional movie, our interconnected world is riddled with security flaws that make it an unfortunate reality. Digital transformation has brought great convenience to consumers with mobile apps and e-commerce. And the evolution […]

The post Cyber Warfare: What To Expect in 2022 appeared first on Security Intelligence.

What to Do When a Ransomware Group Disappears

It’s your company’s worst nightmare: attackers managed to sneak ransomware onto your servers. Now, you’re locked out of every file unless you agree to pay whatever price they’re asking. As if the situation couldn’t get any worse, the attackers disappear without a trace and you can’t even pay their ransom to unlock your files. What […]

The post What to Do When a Ransomware Group Disappears appeared first on Security Intelligence.

Technical Problem or Cyber Crime? How to Tell the Difference

As soon as the Oct. 4 Facebook mega outage took place, questions about the cause ran rampant. Was it a cyber crime or a technical glitch? Who was at fault? The outage reportedly resulted in the loss of some $60 to $100 million of revenue, and Facebook’s stock plunged 4.9% on the same day. […]

The post Technical Problem or Cyber Crime? How to Tell the Difference appeared first on Security Intelligence.

“Trusted Partner” in Cybersecurity: Cliché or Necessity?

I dislike clichés. I suspect I’m not alone in that, but the truth is I’m guilty of using them on occasion — and I’m probably not alone in that, either. I was reading a tongue-in-cheek article the other day about the worst clichés in the business world. As you might imagine, some of the usual […]

The post “Trusted Partner” in Cybersecurity: Cliché or Necessity? appeared first on Security Intelligence.

Understanding the Adversary: How Ransomware Attacks Happen

IBM Security X-Force Incident Response (IR) has responded to hundreds of ransomware incidents across every geography and industry. As we have taken time to analyze these incidents, a clear pattern has emerged. Although we observe dozens of ransomware groups in operation across the globe, many with multiple affiliate groups working under them, most ransomware actors […]

The post Understanding the Adversary: How Ransomware Attacks Happen appeared first on Security Intelligence.

A Journey in Organizational Resilience: Supply Chain and Third Parties

The next stop on our journey focuses on those that you rely on: supply chains and third parties. Working with external partners can be difficult, but there is a silver lining. Recent attacks have resulted in an industry wake-up call when it comes to cybersecurity resilience. You see, the purpose of using external partners is […]

The post A Journey in Organizational Resilience: Supply Chain and Third Parties appeared first on Security Intelligence.

From Thanos to Prometheus: When Ransomware Encryption Goes Wrong

IBM Security X-Force researchers have recently reverse-engineered Prometheus ransomware samples as part of ongoing incident response operations. X-Force has found that samples that infected organizational networks featured flawed encryption. This allowed our team to develop a fast-acting decryptor and help customers recover from the attack without a decryption key. While rare, ransomware developers can make […]

The post From Thanos to Prometheus: When Ransomware Encryption Goes Wrong appeared first on Security Intelligence.

2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR

“How many millions did you pay threat actors in a ransomware attack?” “Which investments most significantly improved cyber resiliency for your organization?” “Do you have a cybersecurity incident response plan that’s applied consistently across your enterprise?” The answers to these and other key questions produced several notable findings in the latest 2021 Cyber Resilient Organization […]

The post 2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR appeared first on Security Intelligence.

Roundup: 2021 Energy & Utility Data Breaches and Defenses in the News

Ransomware is evolving. How long until it takes down operational technology? In May 2021, Colonial Pipeline, one of the largest fuel pipelines in the United States, faced a ransomware attack. The company, which transports more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor, shut down work […]

The post Roundup: 2021 Energy & Utility Data Breaches and Defenses in the News appeared first on Security Intelligence.

A Journey in Organizational Resilience: Privacy

Privacy concerns may not be the first issue that comes to mind when building an enterprise cyber resilience plan. However, you should expect them to gain prominence. For perspective, consider for a moment that the NIST Privacy Framework is a relatively new tool. It was only first deployed in January 2020. Even ISO only released […]

The post A Journey in Organizational Resilience: Privacy appeared first on Security Intelligence.

Detections That Can Help You Identify Ransomware

One of the benefits of being part of a global research-driven incident response firm like X-Force Incident Response (IR) is that the team can take a step back and analyze incidents, identifying trends and commonalities that span geographies, industries and affiliations. Leveraging that access and knowledge against the ransomware threat has revealed […]

The post Detections That Can Help You Identify Ransomware appeared first on Security Intelligence.

How to Protect Against Deepfake Attacks and Extortion

Cybersecurity professionals are already losing sleep over data breaches and how to best protect their employers from attacks. Now they have another nightmare to stress over — how to spot a deepfake. Deepfakes are different because attackers can easily use data and images as a weapon. And those using deepfake technology can be someone from […]

The post How to Protect Against Deepfake Attacks and Extortion appeared first on Security Intelligence.

Privileged Access Management: The Future of Cyber Resilience

Attacks against critical infrastructure and government agencies have been surging. Some attackers want to extort money; others intend to steal data. But the victims all have one thing in common: they need to be able to fend off attacks and recover so they can continue to perform their functions. That’s where cyber resilience comes in, […]

The post Privileged Access Management: The Future of Cyber Resilience appeared first on Security Intelligence.

Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight

Ransomware actors are specializing, collaborating and assisting each other to conduct sophisticated attacks that are becoming increasingly difficult to prevent. Combating these groups effectively likewise requires a team approach: specialization, understanding tactics and techniques and how to counter them, and cutting off activity at its source. Arguably, it has never been more imperative that […]

The post Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight appeared first on Security Intelligence.