Geek-Guy.com

Tag: Security Services

To Cybersecurity Incident Responders Holding the Digital Front Line, We Salute You

Over the course of two decades, I’ve seen Incident Response (IR) take on many forms. Cybercrime’s evolution has pulled the nature of IR along with it — shifts in cybercriminals’ tactics and motives have been constant. Even the cybercriminal psyche has completely rebirthed, with more collaboration amongst gangs and fully established ransomware enterprises running. When […]

The post To Cybersecurity Incident Responders Holding the Digital Front Line, We Salute You appeared first on Security Intelligence.

CISA Certification: What You Need to Know

The globally-recognized Certified Information Systems Auditor (CISA) certification shows knowledge of IT and auditing, security, governance, control and assurance to assess potential threats. As you can imagine, it’s very much in demand. It can also be confusing.  Is CISA Certification Related to the Cybersecurity and Infrastructure Security Agency? CISA, the certification, is related to CISA, […]

The post CISA Certification: What You Need to Know appeared first on Security Intelligence.

Raspberry Robin and Dridex: Two Birds of a Feather

IBM Security Managed Detection and Response (MDR) observations coupled with IBM Security X-Force malware research sheds additional light on the mysterious objectives of the operators behind the Raspberry Robin worm. Based on a comparative analysis between a downloaded Raspberry Robin DLL and a Dridex malware loader, the results show that they are similar in structure […]

The post Raspberry Robin and Dridex: Two Birds of a Feather appeared first on Security Intelligence.

What Should Customers Ask Managed Service Providers?

Managed service providers (MSPs), sometimes called managed security services (MSS) or MSSP, play a very important role in protecting data and other digital assets and will continue to do so. Some of the benefits include, but are not limited to: Mostly predictable costs, including less burden on capital expenditure, and pay-as-you-go models Dedicated and informed […]

The post What Should Customers Ask Managed Service Providers? appeared first on Security Intelligence.

The Ransomware Playbook Mistakes That Can Cost You Millions

If there is one type of cyberattack that can drain the color from any security leader’s face, it’s ransomware. A crippling, disruptive, and expensive attack to recover from, with final costs rarely being easy to foretell. Already a prevalent threat, the number of ransomware attacks rose during the pandemic and nearly doubled in the year […]

The post The Ransomware Playbook Mistakes That Can Cost You Millions appeared first on Security Intelligence.

Controlling the Source: Abusing Source Code Management Systems

For full details on this research, see the X-Force Red whitepaper “Controlling the Source: Abusing Source Code Management Systems”. This material is also being presented at Black Hat USA 2022. Source Code Management (SCM) systems play a vital role within organizations and have been an afterthought in terms of defenses compared to other critical enterprise […]

The post Controlling the Source: Abusing Source Code Management Systems appeared first on Security Intelligence.

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on […]

The post Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program appeared first on Security Intelligence.

Security Obscurity Versus Ethical Hackers: Who’s Right?

Security breaches can lead to damage to a business’s finances, operations and reputation. What many companies might fear most is the latter: damage to their reputation. This may explain why 65% of organizations want to be seen as infallible, as per a recent HackerOne survey. Meanwhile, 64% maintain a culture of security through obscurity, and […]

The post Security Obscurity Versus Ethical Hackers: Who’s Right? appeared first on Security Intelligence.

Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine

Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine. Between mid-April and mid-June of 2022 the Trickbot group, tracked by X-Force as ITG23 and […]

The post Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine appeared first on Security Intelligence.

How to Secure Your SAP Environment

The protection of the SAP systems, as mission-critical applications, is becoming the priority for the most relevant organizations all over the world. The security hardening of SAP systems is key in these uncertain times, where threat actors start seeing SAP as the main door to perform successful attacks. There are multiple surveys in the cybersecurity […]

The post How to Secure Your SAP Environment appeared first on Security Intelligence.

Is 2022 the Year of Secure Access Service Edge?

In 2022, nearly 60% of U.S. workers (whose work can be done remotely) work from home all or most of the time. Remote work coupled with the explosion of apps, APIs, devices and Internet of Things (IoT) shows us no organization can afford to think about the perimeter in yesterday’s terms anymore.  SASE (Secure Access […]

The post Is 2022 the Year of Secure Access Service Edge? appeared first on Security Intelligence.

Five Key Trends on SOC Modernization

For SOCs looking to improve their ability to detect and respond to threats efficiently and effectively, Extended Detection and Response (XDR) has generated increasing amounts of excitement and discourse in the industry. XDR was one of the hottest topics at RSA 2022, but like with many “hot new trends,” perspectives on what XDR actually is, […]

The post Five Key Trends on SOC Modernization appeared first on Security Intelligence.

Digital Shadows Weaken Your Attack Surface

Every tweet, text, bank transaction, Google search and DoorDash order is part of your digital shadow. We all have one, and the contents of your shadow aren’t always private. For example, in April 2021 attackers leaked data containing the personal information of over 533 million Facebook users from 106 countries.  Sure, you might want your tweet […]

The post Digital Shadows Weaken Your Attack Surface appeared first on Security Intelligence.

Attracting Cybersecurity Talent Takes an Open Mind, Creativity and Honesty

Retaining cybersecurity talent can be difficult. Along with our previous tips, how can you attract great workers?   Difficulties and Positive Changes   The recent ISACA State of Cybersecurity 2022 survey provides some key markers: Unfilled positions are on the rise (not good) Existing teams are understaffed (not good) Budgets are (finally) increasing (good) University degree mandates […]

The post Attracting Cybersecurity Talent Takes an Open Mind, Creativity and Honesty appeared first on Security Intelligence.

Cloud Native Application Protection Platform: A Utility Knife for Cloud Security Services

Does the world need another acronym? Probably not. But it seems like one is born every day in the cybersecurity market. As a tradeoff for the brain power to recall their cryptic meanings, we should at least expect progress on the technology front. We have seen this before. With all that’s happened in the last […]

The post Cloud Native Application Protection Platform: A Utility Knife for Cloud Security Services appeared first on Security Intelligence.

How to Make Business Practices That Support Cybersecurity Response

Scottish author Robert Burns wrote in the poem “To a Mouse,” “The best-laid schemes o’ mice an’ men. Gang aft a-gley.” You may better know the saying in its more common form, “The best-laid plans of mice and men often go awry.”   This saying may resonate with incident responders, business continuity planners and crisis managers. […]

The post How to Make Business Practices That Support Cybersecurity Response appeared first on Security Intelligence.

One Size Does Not Fit All Organizations

Often, when you read about cybersecurity, the advice appears to be ‘one size fits all’. People recommend the same things, regardless of if the business is two people in a home office or a global group with 100,000 employees. In some ways, the underlying concepts of cybersecurity are the same for all companies. However, the […]

The post One Size Does Not Fit All Organizations appeared first on Security Intelligence.

IBM to Acquire Randori, Transforming How Clients Manage Risk with Attack Surface Management

Organizations today are faced with defending a complex technology landscape — with cyberattacks targeted at constantly changing cloud, distributed, and on-premises environments. Often escaping security scans and periodic assessments, these changes represent windows of opportunities for attackers looking to bypass defenses. While there always have — and always will be — unknown risks, having a […]

The post IBM to Acquire Randori, Transforming How Clients Manage Risk with Attack Surface Management appeared first on Security Intelligence.

Real Security Concerns Are Scarier Than Doomsday Predictions

The metaverse, artificial intelligence (AI) run amok, the singularity … many far-out situations have become a dinner-table conversation. Will AI take over the world? Will you one day have a computer chip in your brain? These science fiction ideas may never come to fruition, but some do point to existing security risks. While nobody can […]

The post Real Security Concerns Are Scarier Than Doomsday Predictions appeared first on Security Intelligence.

Recovering Ransom Payments: Is This the End of Ransomware?

What’s the best way to stop ransomware? Make it riskier and less lucrative for cyber criminals. Nearly all intruders prefer to collect a ransom in cryptocurrency. But it’s a double-edged sword since even crypto leaves a money trail. Recovering ransomware payouts could lead to a sharp decline in exploits. Ransomware is still today’s top attack […]

The post Recovering Ransom Payments: Is This the End of Ransomware? appeared first on Security Intelligence.

Countdown to Ransomware: Analysis of Ransomware Attack Timelines

This research was made possible through the data collection efforts of Maleesha Perera, Joffrin Alexander, and Alana Quinones Garcia. Key Highlights The average duration of an enterprise ransomware attack reduced 94.34% between 2019 and 2021:  2019: 2+ months — The TrickBot (initial access) to Ryuk (deployment) attack path resulted in a 90% increase in ransomware […]

The post Countdown to Ransomware: Analysis of Ransomware Attack Timelines appeared first on Security Intelligence.

To Retain Cybersecurity Employees, Know What Drives Them

COVID-19 may have given cybersecurity talent retention an artificial prop up over the last two years. For example, job satisfaction was on a downward trend from 2018 to 2019, but with the pandemic came a plateau in 2020 and 2021. Was the plateau due to newfound satisfaction or were there other factors, such as economic […]

The post To Retain Cybersecurity Employees, Know What Drives Them appeared first on Security Intelligence.

Lessons Learned by 2022 Cyberattacks: X-Force Threat Intelligence Report

Every year, the IBM Security X-Force team of cybersecurity experts mines billions of data points to reveal today’s most urgent security statistics and trends. This year’s X-Force Threat Intelligence Index 2022 digs into attack types, infection vectors, top threat actors, malware trends and industry-specific insights.  This year, a new industry took the infamous top spot: […]

The post Lessons Learned by 2022 Cyberattacks: X-Force Threat Intelligence Report appeared first on Security Intelligence.

Cybersecurity Tips for a Safer Vacation

The beauty of having different climates around the world is that there is always somewhere we can travel for leisure all year round. These are times when we tend to relax and let our guard down. The reality, though, is that cyber crime knows no vacation. Attackers are relentless and are always on the lookout […]

The post Cybersecurity Tips for a Safer Vacation appeared first on Security Intelligence.

How to Respond to Non-Malicious Data Breaches

It’s easy to assume most, if not all, data breaches are malicious. Surely, attackers strike on purpose. However, almost two-thirds of data breaches start from mistakes, not an intent to cause harm. According to the Cost of Insider Threats Report from Ponemon, negligent employees create around 62% of security incidents, costing an average of $307,111 […]

The post How to Respond to Non-Malicious Data Breaches appeared first on Security Intelligence.

Malicious Reconnaissance: What It Is and How To Stop It

You spend your days getting ready to stop threat actors. But even as you wonder, attackers could already be ‘casing the joint’.  Before any well-organized attack, skillful or professional attackers quietly snoop around, looking for chances to gain access. It’s called malicious reconnaissance — the unauthorized active monitoring or probing of any information system to […]

The post Malicious Reconnaissance: What It Is and How To Stop It appeared first on Security Intelligence.

ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups

IBM Security X-Force researchers have continually analyzed the use of several crypters developed by the cybercriminal group ITG23, also known as Wizard Spider, DEV-0193, or simply the “Trickbot Group”. The results of this research, along with evidence gained from the disclosure of internal ITG23 chat logs (“Contileaks”), provide new insight into the connections and cooperation […]

The post ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups appeared first on Security Intelligence.

How Dangerous Is the Cyber Attack Risk to Transportation?

If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and subway routes. The results could be terrible. Between June of 2020 and June of 2021, the transportation industry witnessed a 186% increase in weekly ransomware […]

The post How Dangerous Is the Cyber Attack Risk to Transportation? appeared first on Security Intelligence.

Avoiding the Unintended Consequences of Strict Cybersecurity Policies

Does the left hand know what the right hand is doing? Or does even the left pinky know what the left ring finger is doing? Problems can easily arise when policies, including cybersecurity ones, end up being out of sync with business, technical, legal or regulatory requirements. The situation becomes even more severe when policy […]

The post Avoiding the Unintended Consequences of Strict Cybersecurity Policies appeared first on Security Intelligence.

62% of Surveyed Organizations Hit By Supply Chain Attacks in 2021

You’ve heard more about the supply chain in the past two years than you ever expected, or likely wanted. But, as a cybersecurity professional, you now have even more reason to pay attention besides not being able to get your favorite products at the grocery store. The apps used to develop software and run the […]

The post 62% of Surveyed Organizations Hit By Supply Chain Attacks in 2021 appeared first on Security Intelligence.

MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?

The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or as MITRE refers to them Tactics and Techniques, employed by threat actors. It offers annotated and curated details about those methods, and it provides the capability to visualize this data […]

The post MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be? appeared first on Security Intelligence.

What Do Financial Institutions Need to Know About the SEC’s Proposed Cybersecurity Rules?

On March 9, the U.S. Securities and Exchange Commission (SEC) announced a new set of proposed rules for cybersecurity risk management, strategy and incident disclosure for public companies. One intent of the rule changes is to provide “consistent, comparable and decision-useful” information to investors. Not yet adopted, these new rules – published in the Federal […]

The post What Do Financial Institutions Need to Know About the SEC’s Proposed Cybersecurity Rules? appeared first on Security Intelligence.

New DOJ Team Focuses on Ransomware and Cryptocurrency Crime

While no security officer would rely on this alone, it’s good to know the U.S. Department of Justice is increasing efforts to fight cyber crime. According to a recent address in Munich by Deputy Attorney General Lisa Monaco, new efforts will focus on ransomware and cryptocurrency incidents. This makes sense since the X-Force Threat Intelligence […]

The post New DOJ Team Focuses on Ransomware and Cryptocurrency Crime appeared first on Security Intelligence.

Technologies Useful In the Pandemic Are Challenging Privacy Now

Your company likely made many quick decisions back in March 2020. As an IT leader, you provided the tools employees needed to stay productive while working remotely. It had to happen now or sooner. Your team made it possible for the business to continue moving forward during the pandemic. It was not easy. But you […]

The post Technologies Useful In the Pandemic Are Challenging Privacy Now appeared first on Security Intelligence.

Electron Application Attacks: No Vulnerability Required

While you may have never heard of “Electron applications,” you most likely use them. Electron technology is in many of today’s most popular applications, from streaming music to messaging to video conferencing applications. Under the hood, Electron is essentially a Google Chrome window, which developers can modify to look however they prefer. Since Chrome is […]

The post Electron Application Attacks: No Vulnerability Required appeared first on Security Intelligence.

Putting Your SOC in the Hot Seat

Today’s Security Operations Centers (SOCs) are being stress-tested as never before. As the heart of any organization’s cybersecurity apparatus, SOCs are the first line of defense, running 24/7 operations to watch for alerts of attacks and appropriately address those alerts before they become all-out crises. Yet with ransomware attacks maintaining first place as the top […]

The post Putting Your SOC in the Hot Seat appeared first on Security Intelligence.

5 Data Security Challenges and How to Solve Them

  Nearly two-thirds of the global population will have internet access by next year, according to Cisco’s Annual Internet Report (2018-2023) White Paper. There will be 5.3 billion total internet users (66% of the global population) by 2023, up from 3.9 billion (51% of the global population) in 2018. With this growth in internet usage, […]

The post 5 Data Security Challenges and How to Solve Them appeared first on Security Intelligence.

Solving the Data Problem Within Incident Response

One of the underappreciated aspects of incident response (IR) is that it often starts as a data problem. In many cases, IR teams are presented with an effect such as malware or adversary activity and charged with determining the cause through the identification of evidence that ties the cause and effect together within an environment […]

The post Solving the Data Problem Within Incident Response appeared first on Security Intelligence.

QR Code Security: How Your Business Can Use Them Responsibly

The Coinbase Super Bowl ad sparked several conversations in my family. My son in college used the QR code to sign up to buy cryptocurrency, something he had been interested in for a while. My mother-in-law mistakenly scanned the code wondering what she could get for free. My husband scanned the code to get more […]

The post QR Code Security: How Your Business Can Use Them Responsibly appeared first on Security Intelligence.