Malware June 14, 2019 Observations of ITG07 Cyber Operations 8 min read - After nine months of tracking the cyber operations of threat group ITG07, IBM X-Force identified new Chafer-associated malware targeting companies within the travel and transportation industry.
CISO June 6, 2019 Game On: How Cybersecurity Competitions and Hands-On Incident Response Training Help Bridge the Skills Gap 4 min read - Collegiate cybersecurity competitions offer an engaging, hands-on way for students to start their career — and for prospective employers to help train potential candidates in incident response.
CISO May 28, 2019 Interns and Social Media: A Goldmine for Hackers 7 min read - A social media post from one of a company's interns was all this people hacker needed to enter a secure area with a counterfeit employee badge.
Threat Intelligence May 27, 2019 HawkEye Malware Operators Renew Attacks on Business Users 3 min read - IBM X-Force researchers report an increase in HawkEye v9 keylogger infection campaigns targeting businesses around the world.
Endpoint May 20, 2019 How to Fight Back Against Macro Malware 6 min read - Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?
Advanced Threats May 16, 2019 GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation 4 min read - In an operation crowned "unprecedented," Europol and the DOJ joined forces and successfully dismantled what was left of the GozNym cybercrime gang that attempted to steal well over $100 million.
Threat Intelligence May 16, 2019 The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015 6 min read - Despite the rise in vulnerability reporting, cryptojacking attacks and attacks on critical infrastructure, one threat trend has been on the decline.
Software Vulnerabilities May 2, 2019 Published Exploits for Accessing SAP Systems Put Security Teams on Alert 6 min read - Researchers published two pieces of exploit code that can allow anyone to interact with an organization's SAP enterprise resource planning platform and perform unauthorized transactions.
Software Vulnerabilities May 1, 2019 Penetration Testing Versus Red Teaming: Clearing the Confusion 6 min read - There is some confusion in cybersecurity as to the difference between penetration testing and red teaming. Since all businesses have vastly different security needs, the distinction is critical.
Intelligence & Analytics April 23, 2019 How IBM X-Force IRIS Prepared for the Ukraine Election 7 min read - Before the first round of the Ukraine election in March, we decided that we couldn't afford to sit on our heels until an attack was launched.