Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-04-02 11:15:19 |
How Relevance Scoring Can Make Your Threat Intelligence More Actionable (lien direct) |
Relevance scoring is a technique that correlates the properties of security analysts' threat intelligence and those of their organization, such as the industry and region.
|
Threat
|
|
|
|
2020-03-31 10:25:20 |
Effective Data Security Begins With a Strong Tech Foundation (lien direct) |
When laying the foundation of your data security and privacy strategy, you will want to prioritize data-centric solutions and consider a Zero Trust approach to minimize risk and facilitate compliance.
|
|
|
|
|
2020-03-30 04:00:48 |
Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy (lien direct) |
The renewed Zeus Sphinx activity that IBM X-Force is seeing features a modified variant targeting online banking users in North America and Australia through the use of maldocs themed around COVID-19.
|
Spam
|
|
|
|
2020-03-27 10:30:23 |
Why Adversarial Examples Are Such a Dangerous Threat to Deep Learning (lien direct) |
Adversarial examples can throw a wrench in deep learning processes and expose vulnerabilities. Organizations should take steps now to get ahead of these threats before they disrupt data processes.
|
Threat
|
|
|
|
2020-03-25 17:40:21 |
Recalibrate Insider Threat Controls When Your Employees Are Off the Corporate Network (lien direct) |
With the rise of the remote workforce, CISOs need to shift focus from corporate networks to protect against insider threats and risks beyond the traditional perimeter. Here's what to consider.
|
Threat
|
|
★★★★★
|
|
2020-03-24 11:00:23 |
Do You Know Your Responsibilities When It Comes to Container Security? (lien direct) |
Even some of the best cloud service providers (CSPs) won't provide sufficient container security to satisfy your compliance needs.
|
|
|
|
|
2020-03-24 10:00:53 |
TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany (lien direct) |
Our team is closely monitoring TrickBot's developing capabilities, including its new cross-channel attacks using the TrickMo component.
|
|
|
★★
|
|
2020-03-23 17:02:43 |
Extend Your Security Team, Quickly Add Expertise and Help Secure Your Remote Workforce (lien direct) |
Organizations around the world are adapting to respond to the impact of the novel coronavirus (COVID-19) and companies may experience increased stress and challenges across their security programs arising from increased remote user demand, site availability impacts, stringent travel restrictions and requests for social distancing. Security organizations may also urgently need to deploy critical software […]
|
|
|
|
|
2020-03-23 11:00:22 |
Crypto-Risk: Your Data Security Blind Spot (lien direct) |
Start thinking about what your organization can do to manage crypto-risk before today's encryption and security measures fall prey to tomorrow's attackers and advanced computing tools.
|
|
|
|
|
2020-03-20 13:00:30 |
7 Spring Cleaning Tasks to Improve Data Security (lien direct) |
Data security is a daily essential, but spring cleaning offers an opportunity to check in on your current practices and make changes where necessary.
|
|
|
|
|
2020-03-20 12:00:23 |
4 Principles That Should Define Your Evolving Security Operations Model (lien direct) |
It's never too soon to set the stage for your next-generation security operations model. Here are four important considerations to keep in mind.
|
|
|
|
|
2020-03-19 10:45:20 |
How CIAM Addresses the Challenges of Consumer Identity Management (lien direct) |
A consumer identity and access management (CIAM) solution can help enable secure, personalized, omnichannel interactions between consumers and brands.
|
|
|
★★★★★
|
|
2020-03-18 16:41:06 |
How We Learned to Stop Worrying and Embrace Remote Work (lien direct) |
The industry is in the midst of a transformation. In this case, it isn't the omnipresent digital transformation but rather a sudden tectonic shift towards remote work. For many organizations built on the classic, communal office space, this can seem daunting. Many employees have started to work from home, and some are throwing a wrench […]
|
|
|
|
|
2020-03-18 12:00:23 |
Using Mystery Novel Techniques to Track Down Cyberthreats (lien direct) |
If you consider yourself a good sleuth who can predict the end of every Agatha Christie novel, you might have a knack for discovering the origins of cyberthreats.
|
|
|
★★★★★
|
|
2020-03-18 10:00:51 |
EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan (lien direct) |
In recent analysis of malicious activity likely targeting entities based in the Middle East, IBM X-Force IRIS discovered a backdoor malware strain we named "EnigmaSpark."
|
Malware
|
|
|
|
2020-03-17 20:05:35 |
IBM X-Force Threat Intelligence Cybersecurity Brief: Novel Coronavirus (COVID-19) (lien direct) |
Global events such as the novel coronavirus (COVID-19) make all of us attractive targets for cybersecurity criminals. Whether it's phishing emails or new targeted scams, these tactics are meant to take advantage of citizens who are understandably concerned about their safety and health during this challenging time. COVID-19 email exploits can deliver damaging ransomware and […]
|
Ransomware
Threat
|
|
|
|
2020-03-17 13:00:23 |
2020 Tax Fraud Trends: How to Protect Yourself at Home and Work (lien direct) |
Scammers view tax season as a prime recruiting season for victims. Here are the most prominent tax fraud trends in 2020 and how to protect your identity and business from risks.
|
|
|
|
|
2020-03-17 11:15:20 |
Grow Your Business With an Evolving Cloud Security Strategy (lien direct) |
As the threat landscape becomes more complex every day, it is crucial that you adapt with an ever-evolving cloud security strategy.
|
Threat
|
|
|
|
2020-03-16 12:00:24 |
Player vs. Hacker: Cyberthreats to Gaming Companies and Gamers (lien direct) |
It is important that gaming companies are prepared to defend against threats to their consumers and that gamers understand the types of threats they can face in their community.
|
|
|
|
|
2020-03-13 13:00:29 |
Inadvertent Insider Threats Present a Unique Challenge to Organizations (lien direct) |
While we may imagine inadvertent insider threats as careless people clicking on dodgy emails, this image needs to be updated to include a wide variety of poor security hygiene behaviors.
|
|
|
|
|
2020-03-13 11:00:31 |
A Proposed New Trust Framework for Physical and Digital Identity Interactions (lien direct) |
As we broaden our scope of identity and consider what is required to exchange trusted personal data across physical and digital realms, community interoperability becomes even more important.
|
|
|
|
|
2020-03-12 10:00:28 |
PXJ Ransomware Campaign Identified by X-Force IRIS (lien direct) |
In a recent analysis from IBM's X-Force Incident Response and Intelligence Services (IRIS), our team discovered activity related to a new strain of ransomware known as PXJ ransomware.
|
Ransomware
|
|
|
|
2020-03-11 11:45:20 |
Safeguarding Healthcare for the Future With Zero Trust Security (lien direct) |
A Zero Trust security model can help healthcare organizations provision access in a more effective manner by focusing on data, workloads and identity.
|
|
|
|
|
2020-03-10 11:00:23 |
3 Things to Do Today to Help Combat the Gender Gap in Cybersecurity (lien direct) |
If we know we stand to gain so much from a more inclusive workforce, what can we do about it? Here are three things you can do today to help combat the gender gap in cybersecurity.
|
|
|
|
|
2020-03-10 10:45:20 |
In 2020, IoT Security Must Be Part of Your Threat Management Strategy (lien direct) |
From a threat management perspective, there is no logic in securing IT equipment while ignoring the IoT devices active in the same environment. Organizations must consider IoT devices as well.
|
Threat
|
|
|
|
2020-03-09 13:01:11 |
Beyond IT: Assessing the Human Impact of Healthcare Cybersecurity (lien direct) |
Great healthcare cybersecurity goes beyond IT best practices. Assessing the human element is essential to developing and deploying a holistic approach to security.
|
|
|
|
|
2020-03-09 11:00:49 |
From Nigerian Princes to Bitcoin Trading: Online Scams Have Come a Long Way (lien direct) |
Online scams originating from Nigeria have come a long way, and while some stick with the old rich prince ploy, others have devised more elaborate schemes to secure money.
|
|
|
|
|
2020-03-06 14:01:00 |
9 Strategies for Retaining Women in Cybersecurity and STEM in 2020 (lien direct) |
We still have a long way to go to improve gender diversity in the security workforce. Here are nine tips for recruiting and retaining women in cybersecurity and STEM.
|
|
|
|
|
2020-03-06 12:00:25 |
How a More Connected Approach Can Help With Threat Management (lien direct) |
Using capabilities that maximize and connect existing security solutions and data sources can help organizations advance their threat management initiatives in multiple ways.
|
Threat
|
|
|
|
2020-03-05 12:30:21 |
Embracing the Power of Community for Better Security (lien direct) |
Threat actors seem to do better than defenders in a key area: collaboration. To effectively fight threats, we need to collaborate as a community and reimagine security as an open construct.
|
|
|
|
|
2020-03-05 11:00:22 |
Career and Management Advice to Improve Diversity From 21 Leading Women in Cybersecurity (lien direct) |
There's a long way to go to close the gender and diversity gap in security. Here is some career and management advice from 21 notable women in cybersecurity.
|
|
|
|
|
2020-03-04 14:01:21 |
Modernizing Threat Management for the Evolving Attack Surfaces of OT, IoT and IoMT (lien direct) |
The combination of digital transformation and the "Internet of Everything" is reshaping the modern landscape of OT, IoT and IoMT, meaning threat management must evolve in response.
|
Threat
|
|
★★
|
|
2020-03-04 14:01:06 |
How Human Security Investments Created a Global Culture of Accountability at ADP (lien direct) |
Human security is what matters during a cybersecurity crisis, where skills and muscle memory can make the difference in make-or-break moments.
|
|
|
|
|
2020-03-04 11:00:24 |
Measuring Security Risk in a Medical IoT World (lien direct) |
To reduce cybersecurity risk, silos among internet of things (IoT) technologies and hospital teams should be broken down and impact across four pillars should be weighed.
|
|
|
|
|
2020-03-03 12:00:21 |
What Is Rich Communication Services? Breaking Down the Benefits and Security Risks (lien direct) |
Texting has been available since the 1990s, and it has served us well. Now, Rich Communication Services is here. What kinds of security vulnerabilities are associated with this new tech?
|
|
|
|
|
2020-03-03 11:00:26 |
State of the Phish: IBM X-Force Reveals Current Phishing Attack Trends (lien direct) |
Phishing has long been an infection vector of choice for threat actors, and for good reason - it is relatively easy, inexpensive and consistently successful.
|
Threat
|
|
|
|
2020-03-02 12:30:25 |
Leverage ATT&CK for ICS to Secure Industrial Control Systems (lien direct) |
The core of MITRE ATT&CK for ICS provides an overview of the TTPs associated with threat actors that have carried out attacks against ICS systems.
|
Threat
|
|
|
|
2020-03-02 11:00:23 |
Workforce Versus Consumer IAM: Key Differences and Use Cases (lien direct) |
While workforce IAM focuses on a high degree of security, consumer IAM must balance user experience and security at all times.
|
|
|
|
|
2020-02-28 12:00:21 |
How to Avoid Cybersecurity Job Burnout and Go From Unsung Hero to Valued Contributor (lien direct) |
The same passion that brought you to your first cybersecurity job could also leave you feeling underappreciated and cause you to slide toward burnout.
|
|
|
|
|
2020-02-27 11:40:21 |
A Guide to Easy and Effective Threat Modeling (lien direct) |
Threat modeling is a process by which potential threats can be identified, enumerated and prioritized, all from a hypothetical attacker's point of view. Learn more about building a threat model.
|
Threat
|
|
|
|
2020-02-26 12:45:21 |
Scalable Data Protection Is Critical to Support Data Privacy (lien direct) |
Organizations are scrambling to figure out the data privacy processes and controls needed to support specific compliance requirements and protect the personal data they store.
|
|
|
|
|
2020-02-26 11:05:26 |
What\'s Old Is New, What\'s New Is Old: Aged Vulnerabilities Still in Use in Attacks Today (lien direct) |
Two vulnerabilities that were reported and patched in 2017 were used in nearly 90 percent of malspam messages in 2019. Why would threat actors use these old, well-known exploits in their attacks?
|
Threat
|
|
|
|
2020-02-25 12:00:21 |
A Road Map for Better Government Cybersecurity From North Dakota (lien direct) |
Imagine the impact on the government cybersecurity landscape if the mantra for every U.S. state were something like, "Every student, every school, cyber-educated."
|
|
|
|
|
2020-02-24 11:30:21 |
The Past, Present and Future of Security Information and Event Management (SIEM) (lien direct) |
Security information and event management (SIEM) was originally designed to help organizations achieve and maintain compliance, but over the years, it's evolved to become so much more.
|
|
|
|
|
2020-02-21 14:10:23 |
Municipal Cyberattacks Put Us All at Risk: What Can We Learn From Previous Attacks? (lien direct) |
What kinds of state and local government institutions are being targeted by cybercriminals? And what can we learn from recent municipal cyberattacks?
|
|
|
|
|
2020-02-21 12:00:20 |
Making Cloud Security a Team Sport (lien direct) |
By combining a strategic cloud security program with the right security tools and services, organizations can tackle cloud migration with confidence that risks will be managed effectively.
|
|
|
|
|
2020-02-21 11:50:21 |
Cyberthreat Intelligence Tooling - How to Quickly Locate Your Key Indicators (lien direct) |
While there are many cyberthreat intelligence tools and platforms that can locate indicators for you, it is important to understand the process yourself before relying on a tool.
|
|
|
|
|
2020-02-20 12:30:26 |
To Rank or Not to Rank Should Never Be a Question (lien direct) |
Scanning is an important part of any vulnerability management program, but it should always be accompanied by vulnerability ranking to ensure teams are patching the most impactful issues first.
|
Vulnerability
Patching
|
|
|
|
2020-02-19 11:05:27 |
Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection (lien direct) |
Before a short lull in mid-February, Emotet was in the midst of a rise in activity that has been apparent since late 2019 - in terms of both spam and infecting potential victims via SMiShing attacks.
|
Spam
|
|
|
|
2020-02-18 13:10:38 |
Banking Trojans and Ransomware - A Treacherous Matrimony Bound to Get Worse (lien direct) |
To combat the threat of banking Trojans and ransomware, organizations should stay up to date with the rapidly evolving threat landscape by utilizing the latest threat intelligence.
|
Ransomware
Threat
|
|
|