Microsoft announced a Russian threat group (ITG11, aka Nobelium, APT29) also thought to be behind the SolarWinds attack conducted an email campaign masquerading as the U.S. Agency for International Development. Microsoft reports that while organizations in the United States received the largest share of attacks, targeted victims span at least…
Read MoreEven if you are not an engineer, NIST 800-160 Volume 1 could help you in your work to understand security by design. It shows what you need to secure your information system. In the other blogs in this series, we’ve summarized the major points of the document. In the final installment,…
Read MoreGas shortages caused panic after the Colonial Pipeline attack two weeks ago. This highlights how digital attacks can break into the real world in a big way. Specifically, the Colonial Pipeline attack blends crypto-locking data with data exfiltration and extortion, as well as other threats to infrastructure. How did the…
Read MoreDuring the past six months, IBM X-Force has been seeing an unprecedented increase in requests to build cyber ranges. By cyber ranges, we mean facilities or online spaces that enable team training and exercises of cyberattack responses. Companies understand the need to drill their plans based on real-world conditions and…
Read More