Today’s Security Operations Centers (SOCs) are being stress-tested as never before. As the heart of any organization’s cybersecurity apparatus, SOCs are the first line of defense, running 24/7 operations to watch for alerts of attacks and appropriately address those alerts before they become all-out crises. Yet with ransomware attacks maintaining…

  Nearly two-thirds of the global population will have internet access by next year, according to Cisco’s Annual Internet Report (2018-2023) White Paper. There will be 5.3 billion total internet users (66% of the global population) by 2023, up from 3.9 billion (51% of the global population) in 2018. With…

Through continued research into the ongoing cyber activity throughout Eastern Europe, IBM Security X-Force identified a phishing email campaign by Hive0117, likely a financially motivated cybercriminal group, from February 2022, designed to deliver the fileless malware variant dubbed DarkWatchman. The campaign masquerades as official communications from the Russian Government’s Federal…

One of the underappreciated aspects of incident response (IR) is that it often starts as a data problem. In many cases, IR teams are presented with an effect such as malware or adversary activity and charged with determining the cause through the identification of evidence that ties the cause and…